Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20140409-asa)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote Cisco ASA device is affected by one or more of the
following vulnerabilities :

- An issue exists in the Adaptive Security Device Manager
(ADSM) due to improper privilege assignment to users
with a privilege level of zero. This issue allows an
authenticated, remote attacker to gain administrative
privileges. (CVE-2014-2126)

- An issue exists in the SSL VPN portal when the
Clientless SSL VPN feature is used due to improper
handling of management session information. An
authenticated, remote attacker can exploit this to gain
administrative privileges. (CVE-2014-2127)

- An issue exists in the SSL VPN feature due to improper
handling of authentication cookies. An unauthenticated,
remote attacker can exploit this to bypass
authentication, resulting in unauthorized access to
internal network resources. (CVE-2014-2128)

- An issue exists in the SIP inspection engine due to
improper handling of SIP packets. An unauthenticated,
remote attacker can exploit this to cause memory
exhaustion, resulting in a denial of service.
(CVE-2014-2129)

Note that that the verification check for the presence of
CVE-2014-2128 is a best effort approach and may result in potential
false positives.

See also :

http://www.nessus.org/u?6fcb7e97

Solution :

Apply the relevant patch or workaround referenced in Cisco Security
Advisory cisco-sa-20140409-asa.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 73533 ()

Bugtraq ID: 66745
66746
66747
66748

CVE ID: CVE-2014-2126
CVE-2014-2127
CVE-2014-2128
CVE-2014-2129