First published: Fri Feb 25 2011(Updated: )
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Adaptive Security Appliance Software | =8.0\(2\) | |
Cisco Adaptive Security Appliance Software | =8.0\(3\) | |
Cisco Adaptive Security Appliance Software | =8.0\(4\) | |
Cisco Adaptive Security Appliance Software | =8.0\(5\) | |
Cisco Adaptive Security Appliance Software | =8.1\(1\) | |
Cisco Adaptive Security Appliance Software | =8.1\(2\) | |
Cisco Adaptive Security Appliance Software | =8.2 | |
Cisco Adaptive Security Appliance Software | =8.2\(1\) | |
Cisco Adaptive Security Appliance Software | =8.2\(2\) | |
Cisco Adaptive Security Appliance Software | =8.3 | |
Cisco Adaptive Security Appliance Software | =8.0 | |
Cisco Adaptive Security Appliance Software | =8.3\(1\) | |
Cisco ASA 5500 CSC-SSM | ||
Cisco ASA 5505 Firmware | ||
Cisco ASA 5510 firmware | ||
Cisco ASA Software | ||
Cisco ASA | ||
Cisco ASA 5550 firmware | ||
Cisco ASA 5580 Firmware | ||
Cisco PIX | ||
Cisco PIX Firewall | ||
Cisco PIX 506E | ||
Cisco PIX | ||
Cisco PIX Firewall | ||
Cisco PIX | ||
Cisco PIX | ||
Cisco PIX Firewall |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2011-0395 is classified as high due to the potential for remote denial of service.
To fix CVE-2011-0395, upgrade the Cisco Adaptive Security Appliance software to the latest version recommended by Cisco.
CVE-2011-0395 affects Cisco Adaptive Security Appliance (ASA) 5500 series devices running specific versions of software prior to the patches.
CVE-2011-0395 enables remote attackers to execute a denial of service attack on affected Cisco ASA devices.
While upgrading is the best fix, temporarily disabling the RIP protocol and Cisco Phone Proxy may help mitigate the risk associated with CVE-2011-0395.