This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.
The remote security device is missing a vendor-supplied security
The remote Cisco ASA is missing a security patch and may be affected
by the following issues :
- When MSN IM inspection is enabled, inspecting malformed
transit traffic could cause the device to reload.
- TACACS+ authentication can be bypassed by an attacker
with access between the ASA and the TACACS+ server.
- Four DoS vulnerabilities in the SunRPC inspection
engine can be triggered by specially crafted
UDP traffic, causing the device to reload.
(CVE-2011-3299, CVE-2011-3300, CVE-2011-3301, CVE-2011-3302)
- When ILS inspection is enabled, inspecting malformed
transit traffic could cause the device to reload,
resulting in a sustained DoS condition. (CVE-2011-3303)
See also :
Apply the appropriate Cisco ASA patch (see plugin output).
Risk factor :
High / CVSS Base Score : 7.9
CVSS Temporal Score : 6.5
Public Exploit Available : true