CVE-2010-4679: Input Validation
First published: Fri Jan 07 2011(Updated: )
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance Software | <=8.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.0 | |
| Cisco Adaptive Security Appliance Software | =7.0\(0\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(4\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5.2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(6.7\) | |
| Cisco Adaptive Security Appliance Software | =7.0.1 | |
| Cisco Adaptive Security Appliance Software | =7.0.1.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.2 | |
| Cisco Adaptive Security Appliance Software | =7.0.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.4.3 | |
| Cisco Adaptive Security Appliance Software | =7.0.5 | |
| Cisco Adaptive Security Appliance Software | =7.0.6 | |
| Cisco Adaptive Security Appliance Software | =7.0.7 | |
| Cisco Adaptive Security Appliance Software | =7.0.8 | |
| Cisco Adaptive Security Appliance Software | =7.0.8-interim | |
| Cisco Adaptive Security Appliance Software | =7.1 | |
| Cisco Adaptive Security Appliance Software | =7.1\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.27\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.49\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.1.1 | |
| Cisco Adaptive Security Appliance Software | =7.1.2 | |
| Cisco Adaptive Security Appliance Software | =7.2 | |
| Cisco Adaptive Security Appliance Software | =7.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(1.22\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.7\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.8\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.10\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.14\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.15\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.16\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.17\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.18\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.19\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.2.1 | |
| Cisco Adaptive Security Appliance Software | =7.2.2 | |
| Cisco Adaptive Security Appliance Software | =7.2.3 | |
| Cisco Adaptive Security Appliance Software | =7.2.4 | |
| Cisco Adaptive Security Appliance Software | =7.2.5 | |
| Cisco Adaptive Security Appliance Software | =8.0 | |
| Cisco Adaptive Security Appliance Software | =8.0.2 | |
| Cisco Adaptive Security Appliance Software | =8.0.3 | |
| Cisco Adaptive Security Appliance Software | =8.0.4 | |
| Cisco Adaptive Security Appliance Software | =8.0.5 | |
| Cisco Adaptive Security Appliance Software | =8.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.2.1 | |
| Cisco Adaptive Security Appliance Software | =8.2.2 | |
| Cisco Adaptive Security Appliance Software | =8.2.2-interim | |
| Cisco Adaptive Security Appliance 5500 | ||
| Cisco ASA 5500 CSC-SSM |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-4679?
CVE-2010-4679 has been classified as a high severity vulnerability due to the potential for denial of service through TCP socket exhaustion.
How do I fix CVE-2010-4679?
To fix CVE-2010-4679, upgrade your Cisco Adaptive Security Appliance software to version 8.2(3) or later.
What devices are affected by CVE-2010-4679?
CVE-2010-4679 affects Cisco Adaptive Security Appliances (ASA) 5500 series devices running software versions prior to 8.2(3).
What is the impact of CVE-2010-4679?
The impact of CVE-2010-4679 can lead to a denial of service that disrupts network traffic due to exhausted TCP sockets.
How does CVE-2010-4679 exploit the system?
CVE-2010-4679 exploits the system by causing remote OCSP responders to reject connection attempts, leading to TCP socket exhaustion.
- collector/nvd-historical
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- vendor/cisco
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/8.2\(2\)
- version/cisco adaptive security appliance software/7.0
- version/cisco adaptive security appliance software/7.0\(0\)
- version/cisco adaptive security appliance software/7.0\(2\)
- version/cisco adaptive security appliance software/7.0\(4\)
- version/cisco adaptive security appliance software/7.0\(5\)
- version/cisco adaptive security appliance software/7.0\(5.2\)
- version/cisco adaptive security appliance software/7.0\(6.7\)
- version/cisco adaptive security appliance software/7.0.1
- version/cisco adaptive security appliance software/7.0.1.4
- version/cisco adaptive security appliance software/7.0.2
- version/cisco adaptive security appliance software/7.0.4
- version/cisco adaptive security appliance software/7.0.4.3
- version/cisco adaptive security appliance software/7.0.5
- version/cisco adaptive security appliance software/7.0.6
- version/cisco adaptive security appliance software/7.0.7
- version/cisco adaptive security appliance software/7.0.8
- version/cisco adaptive security appliance software/7.0.8-interim
- version/cisco adaptive security appliance software/7.1
- version/cisco adaptive security appliance software/7.1\(2\)
- version/cisco adaptive security appliance software/7.1\(2.5\)
- version/cisco adaptive security appliance software/7.1\(2.27\)
- version/cisco adaptive security appliance software/7.1\(2.48\)
- version/cisco adaptive security appliance software/7.1\(2.49\)
- version/cisco adaptive security appliance software/7.1\(5\)
- version/cisco adaptive security appliance software/7.1.1
- version/cisco adaptive security appliance software/7.1.2
- version/cisco adaptive security appliance software/7.2
- version/cisco adaptive security appliance software/7.2\(1\)
- version/cisco adaptive security appliance software/7.2\(1.22\)
- version/cisco adaptive security appliance software/7.2\(2\)
- version/cisco adaptive security appliance software/7.2\(2.5\)
- version/cisco adaptive security appliance software/7.2\(2.7\)
- version/cisco adaptive security appliance software/7.2\(2.8\)
- version/cisco adaptive security appliance software/7.2\(2.10\)
- version/cisco adaptive security appliance software/7.2\(2.14\)
- version/cisco adaptive security appliance software/7.2\(2.15\)
- version/cisco adaptive security appliance software/7.2\(2.16\)
- version/cisco adaptive security appliance software/7.2\(2.17\)
- version/cisco adaptive security appliance software/7.2\(2.18\)
- version/cisco adaptive security appliance software/7.2\(2.19\)
- version/cisco adaptive security appliance software/7.2\(2.48\)
- version/cisco adaptive security appliance software/7.2.1
- version/cisco adaptive security appliance software/7.2.2
- version/cisco adaptive security appliance software/7.2.3
- version/cisco adaptive security appliance software/7.2.4
- version/cisco adaptive security appliance software/7.2.5
- version/cisco adaptive security appliance software/8.0
- version/cisco adaptive security appliance software/8.0.2
- version/cisco adaptive security appliance software/8.0.3
- version/cisco adaptive security appliance software/8.0.4
- version/cisco adaptive security appliance software/8.0.5
- version/cisco adaptive security appliance software/8.2\(1\)
- version/cisco adaptive security appliance software/8.2.1
- version/cisco adaptive security appliance software/8.2.2
- version/cisco adaptive security appliance software/8.2.2-interim
- canonical/cisco adaptive security appliance 5500
- canonical/cisco asa 5500 csc-ssm