Cisco ASA 5500 Series Multiple DoS Vulnerabilities (cisco-sa-20100804-asa)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.

Synopsis :

The remote security device is missing a vendor-supplied security patch.

Description :

The remote Cisco ASA is missing a security patch and may be vulnerable
to the following issues :

- Multiple DoS vulnerabilities in the SunRPC inspection
engine that can be triggered by sending unspecified
UDP packets.
(CVE-2010-1578, CVE-2010-1579, CVE-2010-1580)

- Multiple TLS DoS vulnerabilities. Devices configured
for SSL VPN, TLS Proxy for Encrypted Voice Inspection,
or ASDM management connections are vulnerable.
(CVE-2010-1581, CVE-2010-2814, CVE-2010-2815)

- A DoS vulnerability in the SIP inspection engine.

- An unspecified DoS vulnerability in the IKE implementation.

A remote, unauthenticated attacker could cause the device to
reload by exploiting any of these issues.

See also :

Solution :

Apply the appropriate Cisco ASA patch (see plugin output).

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true