
====================================================================

                              CERT-Renater

                 Information Note No. 2017/VULN285
_____________________________________________________________________

DATE                : 05/10/2017

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco Adaptive Security Appliance Software.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa
____________________________________________________________________

Cisco Security Advisory: Cisco Adaptive Security Appliance Software
Direct Authentication Denial of Service Vulnerability

Advisory ID: cisco-sa-20171004-asa

Revision: 1.0

For Public Release: 2017 October 4 16:00 GMT

Last Updated: 2017 October 4 16:00 GMT

CVE ID(s): CVE-2017-12246

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+---------------------------------------------------------------------

Summary
=======
A vulnerability in the implementation of the direct authentication
feature in Cisco Adaptive Security Appliance (ASA) Software could allow
an unauthenticated, remote attacker to cause an affected device to
unexpectedly reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to incomplete input validation of the HTTP
header. An attacker could exploit this vulnerability by sending a
crafted HTTP request to the local IP address of an affected device. A
successful exploit could allow the attacker to cause the affected
device to reload.

Note: Only traffic directed to the affected system can be used to
exploit this vulnerability. This vulnerability affects systems that
have the direct authentication feature enabled. This vulnerability can
be triggered by IPv4 or IPv6 traffic.

Cisco has released software updates that address this vulnerability.
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa


==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================


