Detections
Analytics
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (cisco-sa-20100217-asa)
high Nessus Plugin ID 44914
Language:
Synopsis
The remote SSL VPN Server is vulnerable to various flawsDescription
The remote host is a Cisco Adaptive Security Appliance (ASA). The remote version of the software used on this appliance is affected by the following security flaws :- A TCP connection exhaustion denial of service vulnerability. (CVE-2010-0149)
- Two Session Initiation Protocol (SIP) inspection denial of service vulnerabilities. (CVE-2010-0150 and CVE-2010-0569)
- A Skinny Client Control Protocol (SCCP) inspection denial of service vulnerability. (CVE-2010-0151)
- A WebVPN Datagram Transport Layer Security (DTLS) denial of service vulnerability. (CVE-2010-0565)
- A crafted TCP segment denial of service vulnerability.
(CVE-2010-0566)
- A crafted Internet Key Exchange (IKE) message denial of service vulnerability. (CVE-2010-0567)
- An NT LAN Manager version 1 (NTLMv1) authentication bypass vulnerability. (CVE-2010-0568)
An attacker could exploit these flaws to crash the remote device, or to log into the remote VPN (when configured to use NTLMv1 authentication).
Solution
Install the appropriate firmware upgrade as described in the vendor's advisory.See Also
http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml
Plugin Details
Severity: High
ID: 44914
File Name: cisco_asa_multiple_flaws.nbin
Version: 1.87
Type: remote
Family: Firewalls
Published: 2/25/2010
Updated: 7/17/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.0
CVSS v2
Risk Factor: High
Base Score: 9.4
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C
Vulnerability Information
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 2/17/2010
Vulnerability Publication Date: 2/17/2010
Reference Information
CVE: CVE-2010-0149, CVE-2010-0150, CVE-2010-0151, CVE-2010-0565, CVE-2010-0566, CVE-2010-0567, CVE-2010-0568, CVE-2010-0569