Cisco Mitigates DoS Hole
Thursday, May 19, 2016 @ 04:05 PM gHale
Cisco released a patch that can block out remote attackers from the IPsec code of its Adaptive Security Appliance (ASA) Software, officials said.
The vulnerability could have allowed attackers to alter a memory block, which subsequently may cause the system to cease transferring traffic culminating in a denial-of-service (DoS), Cisco said.
The bug was the result of an error in the installation of ICMP error handling for IPSec packets, Cisco said in a security advisory.
“An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel,” the researchers explained.
The company released software updates to mitigate the situation.
While the Cisco Product Security Incident Response Team (PSIRT) said it is not aware of any malicious use of the vulnerability, it does recommend customers to upgrade to the new version.