{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-10-10T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "55863", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55863"}, {"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"}, {"name": "50857", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50857"}, {"name": "86146", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/86146"}, {"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"}, {"name": "cisco-fwsm-dcerpc-bo(79173)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2012-4661", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "55863", "refsource": "BID", "url": "http://www.securityfocus.com/bid/55863"}, {"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"}, {"name": "50857", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50857"}, {"name": "86146", "refsource": "OSVDB", "url": "http://osvdb.org/86146"}, {"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"}, {"name": "cisco-fwsm-dcerpc-bo(79173)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:42:55.109Z"}, "title": "CVE Program Container", "references": [{"name": "55863", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/55863"}, {"name": "20121010 Multiple Vulnerabilities in Cisco Firewall Services Module", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"}, {"name": "50857", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50857"}, {"name": "86146", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/86146"}, {"name": "20121010 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"}, {"name": "cisco-fwsm-dcerpc-bo(79173)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2012-4661", "datePublished": "2012-10-29T20:00:00", "dateReserved": "2012-08-24T00:00:00", "dateUpdated": "2024-08-06T20:42:55.109Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*", "matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*", "matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9E87F3D-669C-4451-A4C4-E8FE04769248", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*", "matchCriteriaId": "4154E951-DE5D-4D48-B5BA-B3CCDDA3FBA2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "2BFCE154-6582-49E2-9B9D-641986B7D653", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "563181F6-6A37-496B-AE25-0D03214BA7BD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*", "matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*", "matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*", "matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.34), 8.4 before 8.4(4.4), 8.5 before 8.5(1.13), and 8.6 before 8.6(1.3) and the Firewall Services Module (FWSM) 4.1 before 4.1(9) in Cisco Catalyst 6500 series switches and 7600 series routers might allow remote attackers to execute arbitrary code via a crafted DCERPC packet, aka Bug IDs CSCtr21359 and CSCtr27522."}, {"lang": "es", "value": "El motor de inspecci\u00f3n DCERPC en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500, y el M\u00f3dulo de Servicios de ASA (ASASM) en los dispositivos Cisco Catalyst 6500, con la versi\u00f3n del software anterior a la v8.3(2.25), v8.4 antes de v8.4 (2,5) y v8.5 antes de v8.5(1.13) y v8.6 antes de v8.6(1.3) y el m\u00f3dulo Firewall Services Module (FWSM) v4.1 antes de v4.1(7) en los switches Cisco Catalyst 6500 y los routers de la serie 7600, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de un paquete DCERPC modificado, tambi\u00e9n conocido como bug CSCtr21359 y CSCtr27522."}], "id": "CVE-2012-4661", "lastModified": "2023-08-15T14:41:35.310", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:C/I:P/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 9.5, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-29T20:55:01.257", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/86146"}, {"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/50857"}, {"source": "ykramarz@cisco.com", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa"}, {"source": "ykramarz@cisco.com", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-fwsm"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/55863"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79173"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}