Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20110223-asa)

high Nessus Plugin ID 52586

Synopsis

The remote security device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA device is missing a security patch and may be affected by the following issues:

- When configured for transparent firewall mode, a packet buffer exhaustion vulnerability could cause the appliance to stop forwarding traffic. (CVE-2011-0393)

- When SCCP inspection is enabled, a malformed SCCP message could cause the appliance to reload. (CVE-2011-0394)

- If both RIP and the Cisco Phone Proxy feature are enabled, the appliance may reload when processing valid RIP updates. (CVE-2011-0395)

- When the appliance is configured as a local CA server, unauthorized users can obtain sensitive data without providing authentication. (CVE-2011-0396)

Solution

Apply the appropriate patch (see plugin output).

See Also

http://www.nessus.org/u?40e645f7

http://www.nessus.org/u?7d46864f

Plugin Details

Severity: High

ID: 52586

File Name: cisco-sa-20110223-asa.nasl

Version: 1.14

Type: local

Family: CISCO

Published: 3/9/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/h:cisco:asa_5500, cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Ease: No known exploits are available

Patch Publication Date: 2/23/2011

Vulnerability Publication Date: 2/23/2011

Reference Information

CVE: CVE-2011-0393, CVE-2011-0394, CVE-2011-0395, CVE-2011-0396

BID: 46518, 46524