CVE-2016-1287— Cisco ASA Software IKEv1和IKEv2 缓冲区错误漏洞

N/A

Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.

N/A

N/A

Cisco ASA Software IKEv1和IKEv2 缓冲区错误漏洞

Cisco ASA（Adaptive Security Appliances，自适应安全设备）Software是美国思科（Cisco）公司的一套防火墙和网络安全平台。该平台提供了对数据和网络资源的高度安全的访问等功能。 Cisco ASA Software的IKEv1和IKEv2实现过程中存在缓冲区溢出漏洞。远程攻击者可借助特制的UDP数据包利用该漏洞执行任意代码或造成拒绝服务（设备重载）。以下产品及版本受到影响：Cisco ASA 5500，ASA 5500-X，ASA Services Module

N/A

N/A