Cisco Bug: CSCus74398 - Cisco ASA PIM Multicast Registration Vulnerability
Nov 09, 2016
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
100.13(0.21) 100.13(20.3) 100.13(21.9) 100.14(1.1) 9.2(0.0) 9.2(0.104) 9.2(3.1) 9.2(3.4) 9.3(1.105) 9.3(2.100) 9.4(0.115)
Symptom: A vulnerability in Protocol Independent Multicast (PIM) application of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to disrupt the multicast traffic forwarding on the affected device via a denial-of-service (DoS) attack. The vulnerability is due to an inconsistency in how the PIM Registration is implemented for multicast forwarding. An attacker could exploit this vulnerability by sending a crafted multicast packet to the affected device. An exploit could allow the attacker to disrupt the multicast forwarding via a DoS attack. Conditions: The ASA is configured for PIM multicast configuration running an affected version of software. To determine if PIM Multicast is configured on this device the following command can be used: 1. This will verify if the PIM Rendezvous Point (RP) is configured. ciscoasa# show running-config | in pim pim rp-address 18.104.22.168 2. The command ''show pim interface'' to verify that multicast is properly configured on the interface.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases