Guest

Preview Tool

Cisco Bug: CSCus74398 - Cisco ASA PIM Multicast Registration Vulnerability

Last Modified

Nov 09, 2016

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

100.13(0.21) 100.13(20.3) 100.13(21.9) 100.14(1.1) 9.2(0.0) 9.2(0.104) 9.2(3.1) 9.2(3.4) 9.3(1.105) 9.3(2.100) 9.4(0.115)

Description (partial)

Symptom:
A vulnerability in Protocol Independent Multicast (PIM) application of the Cisco Adaptive Security 
Appliance (ASA) could allow an unauthenticated, remote attacker to disrupt the multicast traffic 
forwarding on the affected device via a denial-of-service (DoS) attack.

The vulnerability is due to an inconsistency in how the PIM Registration is implemented for multicast 
forwarding. An attacker could exploit this vulnerability by sending a crafted multicast packet to the affected 
device. An exploit could allow the attacker to disrupt the multicast forwarding via a DoS attack.

Conditions:
The ASA is configured for PIM multicast configuration running an affected version of software. To determine if PIM 
Multicast is configured on this device the following command can be used:

1. This will  verify if the PIM Rendezvous Point (RP) is configured.

ciscoasa# show running-config | in pim
pim rp-address 192.128.1.1

2. The command ''show pim interface'' to verify that multicast is properly configured on the interface.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.