Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20110223-asa)

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote security device is missing a vendor-supplied security patch.

Description :

The remote Cisco ASA device is missing a security patch and may be
affected by the following issues :

- When configured for transparent firewall mode, a packet
buffer exhaustion vulnerability could cause the appliance
to stop forwarding traffic. (CVE-2011-0393)

- When SCCP inspection is enabled, a malformed SCCP
message could cause the appliance to reload.
(CVE-2011-0394)

- If both RIP and the Cisco Phone Proxy feature are enabled,
the appliance may reload when processing valid
RIP updates. (CVE-2011-0395)

- When the appliance is configured as a local CA server,
unauthorized users can obtain sensitive data without
providing authentication. (CVE-2011-0396)

See also :

http://www.nessus.org/u?acf4073e
http://www.nessus.org/u?1b415a2e

Solution :

Apply the appropriate patch (see plugin output).

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 52586

Bugtraq ID: 46518
46524

CVE ID: CVE-2011-0393
CVE-2011-0394
CVE-2011-0395
CVE-2011-0396