vulnerability CVE-2012-0387 CVE-2012-0388 CVE-2012-1310
Cisco IOS: memory free of Zone-Based Firewall
Synthesis of the vulnerability
An attacker can use four memory leaks of the Zone-Based Firewall feature, in order to create a denial of service.Impacted products:
Cisco Catalyst, IOS, Cisco Router xx00 Series.
BID-52753, cisco-sa-20120328-zbfw, CSCti46171, CSCto89536, CSCtq36153, CSCtq45553, CVE-2012-0387, CVE-2012-0388, CVE-2012-1310, CVE-2012-1315, VIGILANCE-VUL-11510.
Description of the vulnerability
The Zone-Based Firewall feature is used to create rules on zones where interfaces are located. However, four vulnerabilities were announced in ZFW.
Some IP packets generate a memory leak. [severity:3/4; CSCto89536, CVE-2012-1310]
An attacker can generate a memory leak during the HTTP inspection. [severity:3/4; CSCtq36153, CVE-2012-0387]
An attacker can generate a memory leak during the H.323 inspection. [severity:3/4; CSCtq45553, CVE-2012-0388]
An attacker can generate a memory leak during the SIP inspection. [severity:3/4; CSCti46171, CVE-2012-1315]
An attacker can therefore use four memory leaks of the Zone-Based Firewall feature, in order to create a denial of service.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides a systems vulnerabilities bulletin
. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.