Cisco ASA 5500 Series Adaptive Security Appliance NTLMv1 Authentication Bypass (cisco-sa-20100217-asa)

This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.


Synopsis :

The remote SSL VPN Server is vulnerable to an authentication bypass vulnerability.

Description :

The remote host is a Cisco Adaptive Security Appliance (ASA). The
version of the software used on this appliance is affected by an NT
LAN Manager version 1 (NTLMv1) authentication bypass vulnerability.

An attacker can exploit this flaw to log into the remote network
without supplying any credentials.

See also :

http://www.cisco.com/warp/public/707/cisco-sa-20100217-asa.shtml

Solution :

Install the appropriate firmware upgrade as described in the vendor's
advisory.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Firewalls

Nessus Plugin ID: 44945 ()

Bugtraq ID: 38279

CVE ID: CVE-2010-0568