CVE-2012-4643 Information

Description

The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices with software 7.0 before 7.2(5.8) 7.1 before 7.2(5.8) 7.2 before 7.2(5.8) 8.0 before 8.0(5.28) 8.1 before 8.1(2.56) 8.2 before 8.2(5.27) 8.3 before 8.3(2.31) 8.4 before 8.4(3.10) 8.5 before 8.5(1.9) and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets aka Bug ID CSCtw84068.

Reference

http://osvdb.org/86145 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa http://www.securityfocus.com/bid/55861