CVE-2016-6432

EPSS 4.74%
Veröffentlicht 27.10.2016 21:59:07
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Adaptive Security Appliance Software Version8.4.0

Cisco ≫ Adaptive Security Appliance Software Version8.4.2

Cisco ≫ Adaptive Security Appliance Software Version8.4.2.1

Cisco ≫ Adaptive Security Appliance Software Version8.4.2.8

Cisco ≫ Adaptive Security Appliance Software Version8.4.3

Cisco ≫ Adaptive Security Appliance Software Version8.4.3.8

Cisco ≫ Adaptive Security Appliance Software Version8.4.3.9

Cisco ≫ Adaptive Security Appliance Software Version8.4.4

Cisco ≫ Adaptive Security Appliance Software Version8.4.4.1

Cisco ≫ Adaptive Security Appliance Software Version8.4.4.3

Cisco ≫ Adaptive Security Appliance Software Version8.4.4.5

Cisco ≫ Adaptive Security Appliance Software Version8.4.4.9

Cisco ≫ Adaptive Security Appliance Software Version8.4.5

Cisco ≫ Adaptive Security Appliance Software Version8.4.5.6

Cisco ≫ Adaptive Security Appliance Software Version8.4.6

Cisco ≫ Adaptive Security Appliance Software Version8.4.7

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.3

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.15

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.22

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.23

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.26

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.28

Cisco ≫ Adaptive Security Appliance Software Version8.4.7.29

Cisco ≫ Adaptive Security Appliance Software Version8.5.1

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.1

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.6

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.7

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.14

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.17

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.18

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.19

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.21

Cisco ≫ Adaptive Security Appliance Software Version8.5.1.24

Cisco ≫ Adaptive Security Appliance Software Version8.6.1

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.1

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.2

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.5

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.10

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.12

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.13

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.14

Cisco ≫ Adaptive Security Appliance Software Version8.6.1.17

Cisco ≫ Adaptive Security Appliance Software Version8.7.1

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.1

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.3

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.4

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.7

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.8

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.11

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.13

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.16

Cisco ≫ Adaptive Security Appliance Software Version8.7.1.17

Cisco ≫ Adaptive Security Appliance Software Version9.0.1

Cisco ≫ Adaptive Security Appliance Software Version9.0.2

Cisco ≫ Adaptive Security Appliance Software Version9.0.2.10

Cisco ≫ Adaptive Security Appliance Software Version9.0.3

Cisco ≫ Adaptive Security Appliance Software Version9.0.3.6

Cisco ≫ Adaptive Security Appliance Software Version9.0.3.8

Cisco ≫ Adaptive Security Appliance Software Version9.0.4

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.1

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.5

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.7

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.17

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.20

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.24

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.26

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.29

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.33

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.35

Cisco ≫ Adaptive Security Appliance Software Version9.0.4.37

Cisco ≫ Adaptive Security Appliance Software Version9.1.1

Cisco ≫ Adaptive Security Appliance Software Version9.1.1.4

Cisco ≫ Adaptive Security Appliance Software Version9.1.2

Cisco ≫ Adaptive Security Appliance Software Version9.1.2.8

Cisco ≫ Adaptive Security Appliance Software Version9.1.3

Cisco ≫ Adaptive Security Appliance Software Version9.1.3.2

Cisco ≫ Adaptive Security Appliance Software Version9.1.4

Cisco ≫ Adaptive Security Appliance Software Version9.1.4.5

Cisco ≫ Adaptive Security Appliance Software Version9.1.5

Cisco ≫ Adaptive Security Appliance Software Version9.1.5.10

Cisco ≫ Adaptive Security Appliance Software Version9.1.5.12

Cisco ≫ Adaptive Security Appliance Software Version9.1.5.15

Cisco ≫ Adaptive Security Appliance Software Version9.1.5.21

Cisco ≫ Adaptive Security Appliance Software Version9.1.6

Cisco ≫ Adaptive Security Appliance Software Version9.1.6.1

Cisco ≫ Adaptive Security Appliance Software Version9.1.6.4

Cisco ≫ Adaptive Security Appliance Software Version9.1.6.6

Cisco ≫ Adaptive Security Appliance Software Version9.1.6.8

Cisco ≫ Adaptive Security Appliance Software Version9.1.6.10

Cisco ≫ Adaptive Security Appliance Software Version9.2.1

Cisco ≫ Adaptive Security Appliance Software Version9.2.2

Cisco ≫ Adaptive Security Appliance Software Version9.2.2.4

Cisco ≫ Adaptive Security Appliance Software Version9.2.2.7

Cisco ≫ Adaptive Security Appliance Software Version9.2.2.8

Cisco ≫ Adaptive Security Appliance Software Version9.2.3

Cisco ≫ Adaptive Security Appliance Software Version9.2.3.3

Cisco ≫ Adaptive Security Appliance Software Version9.2.3.4

Cisco ≫ Adaptive Security Appliance Software Version9.2.4

Cisco ≫ Adaptive Security Appliance Software Version9.2.4.2

Cisco ≫ Adaptive Security Appliance Software Version9.2.4.4

Cisco ≫ Adaptive Security Appliance Software Version9.3.1

Cisco ≫ Adaptive Security Appliance Software Version9.3.1.1

Cisco ≫ Adaptive Security Appliance Software Version9.3.2

Cisco ≫ Adaptive Security Appliance Software Version9.3.2.2

Cisco ≫ Adaptive Security Appliance Software Version9.3.3

Cisco ≫ Adaptive Security Appliance Software Version9.3.3.1

Cisco ≫ Adaptive Security Appliance Software Version9.3.3.2

Cisco ≫ Adaptive Security Appliance Software Version9.3.3.5

Cisco ≫ Adaptive Security Appliance Software Version9.3.3.6

Cisco ≫ Adaptive Security Appliance Software Version9.3.5

Cisco ≫ Adaptive Security Appliance Software Version9.4.0.115

Cisco ≫ Adaptive Security Appliance Software Version9.4.1

Cisco ≫ Adaptive Security Appliance Software Version9.4.1.1

Cisco ≫ Adaptive Security Appliance Software Version9.4.1.2

Cisco ≫ Adaptive Security Appliance Software Version9.4.1.3

Cisco ≫ Adaptive Security Appliance Software Version9.4.1.5

Cisco ≫ Adaptive Security Appliance Software Version9.4.2

Cisco ≫ Adaptive Security Appliance Software Version9.4.2.3

Cisco ≫ Adaptive Security Appliance Software Version9.5.1

Cisco ≫ Adaptive Security Appliance Software Version9.5.2

Cisco ≫ Adaptive Security Appliance Software Version9.6.0

Cisco ≫ Adaptive Security Appliance Software Version9.6.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.74%	0.89

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/93784

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1037059

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2016-6432

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-6432

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-6432

EUVD