Details of VAR-201410-0075

ID

VAR-201410-0075

CVE

CVE-2014-3388

TITLE

Cisco ASA Software DNS Service disruption in inspection engines (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-004662

DESCRIPTION

The DNS inspection engine in Cisco ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2) allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCuo68327. Cisco Adaptive Security Appliance (ASA) Software is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCuo68327. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more. The vulnerability is caused by the program's improper handling of DNS packets. The following releases are affected: Cisco ASA Software 9.0 prior to 9.0(4.13), 9.1 prior to 9.1(5.7), and 9.2 prior to 9.2(2)

Trust: 1.98

sources: NVD: CVE-2014-3388 // JVNDB: JVNDB-2014-004662 // BID: 70305 // VULHUB: VHN-71328

AFFECTED PRODUCTS

vendor:	cisco	model:	asa	scope:	eq	version:	9.0	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	9.2	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	9.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.13)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1(5.7)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.2(2)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.1	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	(asa)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.2	Trust: 0.8

sources: JVNDB: JVNDB-2014-004662 // CNNVD: CNNVD-201410-211 // NVD: CVE-2014-3388

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3388
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-3388
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201410-211
value:	HIGH
Trust: 0.6
VULHUB:	VHN-71328
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-3388
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-71328
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-71328 // JVNDB: JVNDB-2014-004662 // CNNVD: CNNVD-201410-211 // NVD: CVE-2014-3388

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-71328 // JVNDB: JVNDB-2014-004662 // NVD: CVE-2014-3388

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-211

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201410-211

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004662

PATCH

title:	cisco-sa-20141008-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Trust: 0.8
title:	35911	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=35911	Trust: 0.8
title:	cisco-sa-20141008-asa	url:	http://www.cisco.com/cisco/web/support/JP/112/1126/1126286_cisco-sa-20141008-asa-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2014-004662

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3388	Trust: 2.8
db:	JVNDB	id:	JVNDB-2014-004662	Trust: 0.8
db:	CNNVD	id:	CNNVD-201410-211	Trust: 0.7
db:	BID	id:	70305	Trust: 0.4
db:	VULHUB	id:	VHN-71328	Trust: 0.1

sources: VULHUB: VHN-71328 // BID: 70305 // JVNDB: JVNDB-2014-004662 // CNNVD: CNNVD-201410-211 // NVD: CVE-2014-3388

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141008-asa	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3388	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3388	Trust: 0.8
url:	www.cisco.com	Trust: 0.3

sources: VULHUB: VHN-71328 // BID: 70305 // JVNDB: JVNDB-2014-004662 // CNNVD: CNNVD-201410-211 // NVD: CVE-2014-3388

CREDITS

Cisco

Trust: 0.3

sources: BID: 70305

SOURCES

db:	VULHUB	id:	VHN-71328
db:	BID	id:	70305
db:	JVNDB	id:	JVNDB-2014-004662
db:	CNNVD	id:	CNNVD-201410-211
db:	NVD	id:	CVE-2014-3388

LAST UPDATE DATE

2025-04-13T23:04:48.540000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-71328	date:	2014-10-13T00:00:00
db:	BID	id:	70305	date:	2014-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2014-004662	date:	2014-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201410-211	date:	2014-10-14T00:00:00
db:	NVD	id:	CVE-2014-3388	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-71328	date:	2014-10-10T00:00:00
db:	BID	id:	70305	date:	2014-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2014-004662	date:	2014-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201410-211	date:	2014-10-14T00:00:00
db:	NVD	id:	CVE-2014-3388	date:	2014-10-10T10:55:06.430