Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (cisco-sa-20100217-asa)

High Nessus Plugin ID 44914


The remote SSL VPN server is vulnerable to various flaws.


The remote host is a Cisco Adaptive Security Appliance (ASA). The version of the software running on this appliance is affected by the following security flaws:

- A TCP connection exhaustion denial of service vulnerability. (CVE-2010-0149)

- Two Session Initiation Protocol (SIP) inspection denial of service vulnerabilities. (CVE-2010-0150 and CVE-2010-0569)

- A Skinny Client Control Protocol (SCCP) inspection denial of service vulnerability. (CVE-2010-0151)

- A WebVPN Datagram Transport Layer Security (DTLS) denial of service vulnerability. (CVE-2010-0565)

- A crafted TCP segment denial of service vulnerability.

- A crafted Internet Key Exchange (IKE) message denial of service vulnerability. (CVE-2010-0567)

- An NT LAN Manager version 1 (NTLMv1) authentication bypass vulnerability. (CVE-2010-0568)

An attacker could exploit these flaws to crash the remote device, or to log into the remote VPN (when configured to use NTLMv1 authentication).


Install the appropriate firmware upgrade as described in the vendor's advisory.

Plugin Details

Severity: High

ID: 44914

File Name: cisco_asa_multiple_flaws.nbin

Version: $Revision: 1.26 $

Type: remote

Family: Firewalls

Published: 2010/02/25

Modified: 2018/01/29

Dependencies: 42796

Risk Information

Risk Factor: High


Base Score: 9.4

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/02/17

Vulnerability Publication Date: 2010/02/17

Reference Information

CVE: CVE-2010-0149, CVE-2010-0150, CVE-2010-0151, CVE-2010-0565, CVE-2010-0566, CVE-2010-0567, CVE-2010-0568, CVE-2010-0569

BID: 38274, 38275, 38276, 38277, 38278, 38279, 38280, 38281

OSVDB: 62430, 62431, 62432, 62433, 62434, 62435, 62436, 62437