Cisco ASA 5500 Series Adaptive Security Appliance NTLMv1 Authentication Bypass (cisco-sa-20100217-asa)

high Nessus Plugin ID 44945

Synopsis

The remote SSL VPN Server is vulnerable to an authentication bypass vulnerability.

Description

The remote host is a Cisco Adaptive Security Appliance (ASA). The version of the software used on this appliance is affected by an NT LAN Manager version 1 (NTLMv1) authentication bypass vulnerability.

An attacker can exploit this flaw to log into the remote network without supplying any credentials.

Solution

Install the appropriate firmware upgrade as described in the vendor's advisory.

See Also

http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml

Plugin Details

Severity: High

ID: 44945

File Name: cisco_asa_multiple_flaws2.nbin

Version: 1.90

Type: remote

Family: Firewalls

Published: 3/1/2010

Updated: 7/17/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/17/2010

Vulnerability Publication Date: 2/17/2010

Reference Information

CVE: CVE-2010-0568

BID: 38279