Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20120314-asa)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.

Synopsis :

The remote security device is missing a vendor-supplied security

Description :

The remote Cisco ASA is missing a security patch and may be affected
by the following issues :

- When UDP inspection is enabled, inspecting malformed
transit traffic could cause the device to reload.

- When the Threat Detection feature is configured with the
Scanning Threat Mode feature and the 'shun' option is
enabled, unspecified transit traffic could cause the device
to reload. (CVE-2012-0354)

- A vulnerability in syslog could result in a device reload if
specially crafted transit traffic is received. (CVE-2012-0355)

- When multicast routing is enabled, processing a specially
crafted Protocol Independent Multicast (PIM) message
can cause the device to reload. (CVE-2012-0356)

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 58831 ()

Bugtraq ID: 52482

CVE ID: CVE-2012-0353