CVE-2009-1157Missing Release of Memory after Effective Lifetime in Cisco Adaptive Security Appliance 5500

CWE-264CWE-3998 documents7 sources
Severity
7.8HIGHNVD
EPSS
4.9%
top 10.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Adaptive Security Appliance 5500Cisco PIX
Timeline
PublishedApr 9
Latest updateMay 2

Description

Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

NVDcisco/pix5 versions+4

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-gfg2-qwmm-84qp: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 72022-05-02
CVEList
CVE-2009-1157: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 72009-04-09

💥Exploits & PoCs

1
Exploit-DB
Apache Tomcat 5.5.0 < 5.5.29 / 6.0.0 < 6.0.26 - Information Disclosure2010-04-22

📋Vendor Advisories

2
Cisco
Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances2009-04-08
Red Hat
kernel: splice local denial of service2009-04-06

💬Community

2
Bugzilla
CVE-2009-5065 CVE-2011-1156 CVE-2011-1157 CVE-2011-1158 python-feedparser: multiple flaws corrected in version 5.0.12011-03-14
Bugzilla
CVE-2009-2901 CVE-2009-2902 CVE-2009-2693 CVE-2010-1157 tomcat: multiple vulnerabilities [fedora-all]2010-04-23
CVE-2009-1157 — Cisco vulnerability | cvebase