Cisco ASA: denial of service via SIP Inspect
Synthesis of the vulnerability
When the SIP inspection is enabled, an attacker can force Cisco ASA to allocate numerous resources, in order to create a denial of service.Impacted products:
26620, BID-54836, CSCtz63143, CVE-2012-2472, VIGILANCE-VUL-11830.
Description of the vulnerability
When the SIP inspection is enabled, an attacker can force Cisco ASA to allocate numerous resources ("pre-allocated secondary pinholes"), in order to create a denial of service.
Technical details are unknown.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides a software vulnerability management
. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.