Multiple Vulnerabilities in Cisco ASA Software (cisco-sa-20140409-asa)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote Cisco ASA device is affected by one or more of the
following vulnerabilities :

- An issue exists in the Adaptive Security Device Manager
(ADSM) due to improper privilege assignment to users
with a privilege level of zero. This issue may allow
an authenticated, remote attacker to gain
administrative privileges. (CVE-2014-2126)

- An issue exists in the SSL VPN portal when the
Clientless SSL VPN feature is used which may allow an
authenticated, remote attacker to gain administrative
privileges due to improper handling of management
session information. (CVE-2014-2127)

- An issue exists in the SSL VPN feature which may allow
an unauthenticated, remote attacker to bypass
authentication resulting in unauthorized access to
internal network resources due to improper handling of
authentication cookies. (CVE-2014-2128)

- An issue exists in the SIP inspection engine which may
allow an unauthenticated, remote attacker cause a
denial of service via memory exhaustion due to improper
handling of SIP packets. (CVE-2014-2129)

It should be noted that the verification check for the presence of
CVE-2014-2128 is a best effort approach and may result in potential
false positives.

See also :

http://www.nessus.org/u?6fcb7e97

Solution :

Apply the relevant patch or workaround referenced in Cisco Security
Advisory cisco-sa-20140409-asa.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 73533 ()

Bugtraq ID: 66745
66746
66747
66748

CVE ID: CVE-2014-2126
CVE-2014-2127
CVE-2014-2128
CVE-2014-2129