This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote security device is missing a vendor-supplied security patch.
The remote Cisco ASA is missing a security patch and may be vulnerable
to the following issues :
- Multiple DoS vulnerabilities in the SunRPC inspection
engine that can be triggered by sending unspecified
(CVE-2010-1578, CVE-2010-1579, CVE-2010-1580)
- Multiple TLS DoS vulnerabilities. Devices configured
for SSL VPN, TLS Proxy for Encrypted Voice Inspection,
or ASDM management connections are vulnerable.
(CVE-2010-1581, CVE-2010-2814, CVE-2010-2815)
- A DoS vulnerability in the SIP inspection engine.
- An unspecified DoS vulnerability in the IKE implementation.
A remote, unauthenticated attacker could cause the device to
reload by exploiting any of these issues.
See also :
Apply the appropriate Cisco ASA patch (see plugin output).
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true