Published: 23/04/2014 Updated: 24/04/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote malicious users to cause a denial of service (memory consumption and instability) via crafted SIP packets, aka Bug ID CSCuf67469.

Affected Products

Vendor Advisories

A vulnerability in the Session Initiation Protocol (SIP) inspection engine code could allow an unauthenticated, remote attacker to cause a slow memory leak, which may cause instability on the affected system The vulnerability is due to improper handling of SIP packets inspected by the Cisco Adaptive Security Appliance (ASA) SIP inspection engine ...