Intrusion PreventionCisco.IKEv2.VPN.Heap.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Cisco ASA Adaptive Security Appliance.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted packet. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted packet.
Affected Products
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco ASA 5500-X Series Next-Generation Firewalls
Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
Cisco ASA 1000V Cloud Firewall
Cisco Adaptive Security Virtual Appliance (ASAv)
Cisco Firepower 9300 ASA Security Module
Cisco ISA 3000 Industrial Security Appliance
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 41857 |
| Created | Dec 28, 2015 |
| Updated | Apr 12, 2016 |
| Risk |
|
| CVE ID | CVE-2016-1287 |
| Exploit Prediction Score | 96.88% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Cisco |