Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20121010-asa)

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.


Synopsis :

The remote security device is missing a vendor-supplied security
patch.

Description :

The remote Cisco ASA is missing a security patch and, therefore, may be
affected by the following issues :

- A remote, unauthenticated attacker could cause a denial
  of service by sending specially crafted DHCP packets.
  (CVE-2012-4643)

- When configured for Clientless or AnyConnect SSL VPN,
  receiving a specially crafted AAA response could cause
  a denial of service. (CVE-2012-4659)

- A remote, unauthenticated attacker could cause a denial
  of service by sending a specially crafted SIP packet.
  (CVE-2012-4660)

- A remote, unauthenticated attacker could execute
  arbitrary code by exploiting a stack-based buffer
  overflow in the DCERPC inspection engine.
  (CVE-2012-4661)

- A remote, unauthenticated attacker could cause a
  denial of service by exploiting vulnerabilities in the
  DCERPC inspection engine.
  (CVE-2012-4662, CVE-2012-4663)

See also :

http://www.nessus.org/u?7164c1ce

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20121010-asa.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true