This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote security device is missing a vendor-supplied security patch.
The remote Cisco ASA device is missing a security patch and may be
affected by the following issues :
- When configured for transparent firewall mode, a packet
buffer exhaustion vulnerability could cause the appliance
to stop forwarding traffic. (CVE-2011-0393)
- When SCCP inspection is enabled, a malformed SCCP
message could cause the appliance to reload.
- If both RIP and the Cisco Phone Proxy feature are enabled,
the appliance may reload when processing valid
RIP updates. (CVE-2011-0395)
- When the appliance is configured as a local CA server,
unauthorized users can obtain sensitive data without
providing authentication. (CVE-2011-0396)
See also :
Apply the appropriate patch (see plugin output).
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true