[SingCERT] Cisco ASA 5500 Series Adaptive Security Appliances Multiple Vulnerabilities

[ Summary ]

Cisco ASA 5500 series security appliances are prone to multiple remote vulnerabilities; fixes are available.

Cisco Adaptive Security Appliance (ASA) 5500 series security appliances are network security devices. The Cisco ASA 5500 series security appliances are prone to the following remote vulnerabilities:

1. A denial-of-service vulnerability. Attackers can exploit this issue to cause the appliance to reload when it processes valid RIP updates. A successful exploit requires that both RIP and Cisco Phone Proxy features are enabled. This issue is tracked by Cisco bug ID CSCtg66583 and CVE-2011-0395.

2. A security-bypass vulnerability exists in the CA server. An attacker can exploit this issue to allow unauthorized users to access a file system and obtain sensitive information. This issue is tracked by Cisco bug ID CSCtk12352 and CVE-2011-0396.

3. A security-bypass vulnerability that occurs due to packet-buffer exhaustion. This issue is tracked by Cisco bug ID CSCtj04707 and CVE-2011-0393.

An attacker can exploit these issues to disclose potentially sensitive information or to cause denial-of-service conditions.
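To triage a device against the feature preconditions stated in items 1 and 2, the following check scans a saved running configuration. It is an added example, not part of the SingCERT or Cisco advisory. It assumes that the top-level commands `router rip`, `phone-proxy <name>` and `crypto ca server` indicate the respective feature is configured, and the function names and sample configuration are constructed for illustration.

```python
import re

# Top-level ASA configuration commands taken to mean a feature is configured.
# These patterns are assumptions of this example, not text from the advisory.
FEATURES = {
    "rip": re.compile(r"^router rip\b"),
    "phone_proxy": re.compile(r"^phone-proxy\s+\S+"),
    "local_ca": re.compile(r"^crypto ca server\b"),
}

def configured_features(running_config):
    """Return the set of FEATURES keys found as top-level commands."""
    found = set()
    for line in running_config.splitlines():
        # Sub-commands are indented; separators and comments start with '!' or ':'.
        if not line or line[0] in " \t!:":
            continue
        for name, pattern in FEATURES.items():
            if pattern.match(line):
                found.add(name)
    return found

def triage(running_config):
    """Map each CVE whose precondition the advisory states to True/False.

    CVE-2011-0393 is not listed: the advisory names no feature precondition
    for it, so only the software version decides exposure there.
    """
    feats = configured_features(running_config)
    return {
        # Item 1: requires both RIP and Phone Proxy to be enabled.
        "CVE-2011-0395": {"rip", "phone_proxy"} <= feats,
        # Item 2: the flaw is in the CA server.
        "CVE-2011-0396": "local_ca" in feats,
    }

# Constructed sample configuration (not from a real device): RIP and the
# CA server are configured, Phone Proxy is not.
SAMPLE = """\
hostname edge-asa
!
router rip
 network 10.0.0.0
!
crypto ca server
!
"""

if __name__ == "__main__":
    for cve, present in triage(SAMPLE).items():
        print(cve, "precondition present" if present else "precondition absent")
```

A "precondition absent" result only rules out the feature dependency; the running software version still has to be compared against the vendor's fixed releases.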

[ Affected Systems ]

  • Cisco ASA 5500 Series Adaptive Security Appliance 7.0: cpe:/h:cisco:asa_5500:7.0 (NVD)
  • Cisco ASA 5500 Series Adaptive Security Appliance 7.1: cpe:/h:cisco:asa_5500:7.1 (NVD)
  • Cisco ASA 5500 Series Adaptive Security Appliance 7.2: cpe:/h:cisco:5500_series_adaptive_security_appliance:7.2 (NVD)
  • Cisco ASA 5500 Series Adaptive Security Appliance 8.0: cpe:/h:cisco:5500_series_adaptive_security_appliance:8.0 (SYMC)
  • Cisco ASA 5500 Series Adaptive Security Appliance 8.1: cpe:/h:cisco:5500_series_adaptive_security_appliance:8.1 (SYMC)
  • Cisco ASA 5500 Series Adaptive Security Appliance 8.2: cpe:/h:cisco:5500_series_adaptive_security_appliance:8.2 (SYMC)
  • Cisco ASA 5500 Series Adaptive Security Appliance 8.3: cpe:/h:cisco:5500_series_adaptive_security_appliance:8.3 (SYMC)
  • Cisco ASA 5500 Series Adaptive Security Appliance 8.4: cpe:/h:cisco:5500_series_adaptive_security_appliance:8.4 (SYMC)

[ Impact Analysis ]

An attacker can exploit these issues to disclose potentially sensitive information or to cause denial-of-service conditions.  

[ Solution/Workaround ]

Vendor updates are available. Please see the referenced advisory for details.

[ Reference ]