Multiple Vulnerabilities in Cisco ASA Products

Posted: October 13, 2012 in Vulnerabilities
Tags:

Cisco logoVulnerability: Multiple Vulnerabilities in Cisco ASA Products

Danger: Middle
Patch: Yes
Number of vulnerabilities: 6
CVE ID: CVE-2012-4643
CVE-2012-4659
CVE-2012-4660
CVE-2012-4661
CVE-2012-4662
CVE-2012-4663
Impact: Denial of service, System compromise
Affected Products: Cisco Adaptive Security Appliance (ASA) 7.x, Cisco Adaptive Security Appliance (ASA) 8.x, Cisco ASA 5500 Series Adaptive Security Appliances.

Affected versions:

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco Adaptive Security Appliance (ASA) version up to 7.2 (5.8) 8.0 (5.28) 8.1 (2.56) 8.2 (5.33) 8.3 (2.34) 8.4 (4.5) 8.5 (1.14) 8.6 (1.5).

Description:

Which can be exploited by malicious people to cause a DoS attack and execute arbitrary code on the target system.

1. The vulnerability is caused due to memory allocation errors in the internal structure DHCP. This can be exploited via a specially crafted DHCP transit or direct traffic to cause reset the device. Successful exploitation requires that the system has been set up DHCP relay or DHCP server.

2. An error in the processing of SSL VPN authentication code AAA. This can be exploited via a specially crafted authentication packet call reset the device. Successful exploitation requires that the Cisco ASA is configured to work with the Clientless or AnyConnect SSL VPN.

3. An error in the validation mechanism SIP (Session Initiation Protocol). This can be exploited via a specially crafted SIP media update package triggered a reset device. Successful exploitation requires that the verification of SIP was included.

4. Three vulnerability is caused due to insufficient processing DCERPC transit traffic to the scan DCERPC. A remote user can cause denial of service or compromise a vulnerable system. The vulnerability:
https://malwarelist.wordpress.com/2012/10/12/multiple-vulnerabilities-in-cisco/

Manufacturer: Cisco Systems, Inc.

Solution: Install the latest version from the manufacturer.

Links:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s