{"vuid":"VU#530057","idnumber":"530057","name":"Cisco ASA fails to properly process DHCP relay packets","keywords":["Cisco","ASA","dhcp relay packets","denial of service","INFO#111001"],"overview":"The Cisco Adaptive Security Appliance contains a memory exhaustion vulnerability that may occur when the DHCP service relay is enabled.","clean_desc":"The Cisco Adaptive Security Appliance (ASA) is firewall that includes routing and intrusion prevention system (IPS) features. DHCP relay allows network devices to forward DHCP broadcast packets from a network segment that does not have a DHCP server to one that does. The Cisco ASA supports DHCP relay. The Cisco ASA DHCP relay service contains a memory exhaustion vulnerability. An attacker may trigger the vulnerability by sending a large number of DHCP requests to a vulnerable system.","impact":"An unauthenticated attacker may be able to create a denial-of-service condition.","resolution":"Update\nCisco has released an update to address this issue. See Cisco BUG ID: CSCsh50277 for more details.","workarounds":"Increase DHCP lease times Increasing the DHCP lease times may lengthen the amount of time required for an attacker to exhaust the available memory on a vulnerable system.","sysaffected":"","thanks":"This vulnerability was discovered by Lisa Sittler and Grant Deffenbaugh of CERT/CC.","author":"This document was written by Ryan Giobbi.","public":["http://www.cisco.com/en/US/products/ps6120/index.html","http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsh50277","http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080636f31.html","http://en.wikipedia.org/wiki/Intrusion-prevention_system","http://www.cisco.com/warp/public/707/cisco-sr-20070502-pix.shtml"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2007-01-12T14:22:47Z","publicdate":"2007-05-02T00:00:00Z","datefirstpublished":"2007-05-02T14:32:28Z","dateupdated":"2007-05-03T20:24:18Z","revision":29,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"3","cam_impact":"10","cam_easeofexploitation":"19","cam_attackeraccessrequired":"12","cam_scorecurrent":"0.64125","cam_scorecurrentwidelyknown":"3.20625","cam_scorecurrentwidelyknownexploited":"5.77125","ipprotocol":"udp","cvss_accessvector":"--","cvss_accesscomplexity":"--","cvss_authentication":null,"cvss_confidentialityimpact":"--","cvss_integrityimpact":"--","cvss_availabilityimpact":"--","cvss_exploitablity":null,"cvss_remediationlevel":"ND","cvss_reportconfidence":"ND","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"0","cvss_basevector":"AV:--/AC:--/Au:--/C:--/I:--/A:--","cvss_temporalscore":"0","cvss_environmentalscore":"0","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":0.64125,"vulnote":null}