Vigil@nce - Cisco ASA: denial of service via SIP Inspect
August 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
When the SIP inspection is enabled, an attacker can force Cisco
ASA to allocate numerous resources, in order to create a denial of
service.
Severity: 1/4
Creation date: 07/08/2012
IMPACTED PRODUCTS
– Cisco ASA Software
DESCRIPTION OF THE VULNERABILITY
When the SIP inspection is enabled, an attacker can force Cisco
ASA to allocate numerous resources ("pre-allocated secondary
pinholes"), in order to create a denial of service.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-ASA-denial-of-service-via-SIP-Inspect-11830