A vulnerability in the DNS code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload.

The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a crafted request to an affected Cisco ASA device that causes it to generate a DNS request packet, and then spoofing the reply to that request with a crafted DNS response.

Note: This vulnerability can be exploited only by traffic that is directed to the affected device. This vulnerability affects Cisco ASA Software configured in routed or transparent firewall mode and single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.
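From a monitoring standpoint, the spoofed-reply step described above shows up as a DNS response that arrives at the device without matching an outstanding query it actually sent. The following is an added example, not Cisco's code or any ASA feature: it correlates constructed DNS query/response events (the event format and the `asa_ip` value are assumptions for illustration) and flags replies that were never solicited or that come from a server the device did not query.

```python
# Constructed sample of DNS events as a passive monitor on the ASA's
# outside segment might record them. The field layout is an assumption
# for this example, not real ASA log output.
EVENTS = [
    {"dir": "out", "src": "198.51.100.10", "dst": "192.0.2.53",
     "txid": 0x1A2B, "qname": "example.com.", "qtype": "A"},
    {"dir": "in", "src": "192.0.2.53", "dst": "198.51.100.10",
     "txid": 0x1A2B, "qname": "example.com.", "qtype": "A"},
    {"dir": "out", "src": "198.51.100.10", "dst": "192.0.2.53",
     "txid": 0x3C4D, "qname": "update.example.net.", "qtype": "AAAA"},
    # Reply whose txid/question match a real query but whose source is
    # not the server that was asked: the shape of a spoofed response.
    {"dir": "in", "src": "203.0.113.7", "dst": "198.51.100.10",
     "txid": 0x3C4D, "qname": "update.example.net.", "qtype": "AAAA"},
    # Reply for a question the device never sent at all.
    {"dir": "in", "src": "192.0.2.53", "dst": "198.51.100.10",
     "txid": 0x9999, "qname": "never-asked.example.org.", "qtype": "A"},
]


def find_unsolicited_replies(events, asa_ip):
    """Return (src, txid, qname, reason) for every inbound DNS response to
    asa_ip that does not match an outstanding query from asa_ip."""
    outstanding = {}   # (txid, qname, qtype) -> server the query went to
    flagged = []
    for e in events:
        key = (e["txid"], e["qname"].lower(), e["qtype"])
        if e["dir"] == "out" and e["src"] == asa_ip:
            outstanding[key] = e["dst"]
        elif e["dir"] == "in" and e["dst"] == asa_ip:
            server = outstanding.get(key)
            if server == e["src"]:
                # Genuine answer: consume the query so duplicates are flagged.
                del outstanding[key]
            else:
                reason = ("no matching query" if server is None
                          else f"expected reply from {server}")
                flagged.append((e["src"], e["txid"], e["qname"], reason))
    return flagged


if __name__ == "__main__":
    for src, txid, qname, reason in find_unsolicited_replies(EVENTS, "198.51.100.10"):
        print(f"unsolicited DNS reply from {src} txid=0x{txid:04x} {qname}: {reason}")
```

Because a genuine answer removes its query from the outstanding table, a second copy of the same reply is also reported, which is the pattern a race between a real server and a spoofer produces.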

This vulnerability is documented in Cisco bug ID CSCuu07799 (registered customers only) and Common Vulnerabilities and Exposures (CVE) ID CVE-2015-6326.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns2
