MacOSX Cisco AnyConnect Secure Mobility Client Multiple Vulnerabilities

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

The remote host has software installed that is affected by multiple
vulnerabilities.

Description :

The remote host has a version of Cisco AnyConnect earlier than
2.5 MR6 / 3.0 MR8 installed. Such versions are potentially affected by
multiple vulnerabilities :

- The WebLaunch VPN downloader implementation does not
properly validate binaries that are received, which can
allow remote attackers to execute arbitrary code via
ActiveX or Java components. (CVE-2012-2493)

- The WebLaunch VPN downloader implementation does not
compare timestamps of offered software to install with
currently installed software, which may allow remote
attackers to downgrade the software via ActiveX or Java
components. (CVE-2012-2494, CVE-2012-2495)

See also :

http://www.zerodayinitiative.com/advisories/ZDI-12-149/
http://www.zerodayinitiative.com/advisories/ZDI-12-156/
http://archives.neohapsis.com/archives/fulldisclosure/2012-08/0269.html
http://archives.neohapsis.com/archives/fulldisclosure/2012-08/0278.html
http://www.nessus.org/u?b0b6c065

Solution :

Upgrade to Cisco AnyConnect Secure Mobility Client 2.5 MR6 / 3.0 MR8
or greater.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: MacOS X Local Security Checks

Nessus Plugin ID: 59823

Bugtraq ID: 54107
54108

CVE ID: CVE-2012-2493
CVE-2012-2494
CVE-2012-2495
