Cisco has delivered a security update for flaws in its popular PIX 500 Series Security Appliance (PIX) and 5500 Series Adaptive Security Appliance (ASA).
Says Cisco: “A crafted IP packet vulnerability exists in the Cisco PIX 500 Series Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security Appliance (ASA) that may result in a reload of the device. This vulnerability is triggered during processing of a crafted IP packet when the Time-to-Live (TTL) decrement feature is enabled.”
Secunia deemed this issue “moderately critical” in Secunia advisory SA28625, saying that the bad guys can exploit this to launch denial-of-service attacks.
“The vulnerability is caused due to an unspecified error in the processing of IP packets,” Secunia said. “This can be exploited to reload an affected device via specially crafted IP packets.”