This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote security device is missing a vendor-supplied security patch.
The remote Cisco ASA is missing a security patch and may be vulnerable
to the following issues :
- Multiple DoS vulnerabilities in the SunRPC inspection
engine that can be triggered by sending unspecified
(CVE-2010-1578, CVE-2010-1579, CVE-2010-1580)
- Multiple TLS DoS vulnerabilities. Devices configured
for SSL VPN, TLS Proxy for Encrypted Voice Inspection,
or ASDM management connections are vulnerable.
(CVE-2010-1581, CVE-2010-2814, CVE-2010-2815)
- A DoS vulnerability in the SIP inspection engine.
- An unspecified DoS vulnerability in the IKE implementation.
A remote, unauthenticated attacker could cause the device to
reload by exploiting any of these issues.
See also :
Apply the appropriate Cisco ASA patch (see plugin output).
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true
Nessus Plugin ID: 56045 ()
Bugtraq ID: 4218742188421894219042192421954219642198
CVE ID: CVE-2010-1578CVE-2010-1579CVE-2010-1580CVE-2010-1581CVE-2010-2814CVE-2010-2815CVE-2010-2816CVE-2010-2817
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.