漏洞类别:Cisco
漏洞等级: 
漏洞信息
A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.
The vulnerability is due to a buffer overflow in the affected code area.
漏洞危害
An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system.
解决方案
Refer to Cisco ASA advisory cisco-sa-20161019-asa-idfw for updates and patch information.
Workaround:
Customers can disable NetBIOS probing in the ASA software by entering the following commands at the enable prompt:
ciscoasa# configure terminal
ciscoasa(config)# no user-identity logout-probe netbios local-system
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论