CVE-2007-2461

CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

6.6%

top 8.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software Cisco PIX

Timeline

PublishedMay 2

Latest updateMay 1

Description

The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDcisco/adaptive_security_appliance_software7.2.2

▶NVDcisco/pix7.2

Patches

Patch: www.cisco.com ↗Patch: www.kb.cert.org ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-vwjv-mqrc-fc89: The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7↗2022-05-01

▶

CVEList

CVE-2007-2461: The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7↗2007-05-02

▶

📋Vendor Advisories

Cisco

Cisco PIX/ASA DHCP Relay Agent Memory Leak Vulnerability↗2007-05-02

▶