Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20110223-asa)

High Nessus Plugin ID 52586

Synopsis

The remote security device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA device is missing a security patch and may be affected by the following issues:

- When configured for transparent firewall mode, a packet buffer exhaustion vulnerability could cause the appliance to stop forwarding traffic. (CVE-2011-0393)

- When SCCP inspection is enabled, a malformed SCCP message could cause the appliance to reload. (CVE-2011-0394)

- If both RIP and the Cisco Phone Proxy feature are enabled, the appliance may reload when processing valid RIP updates. (CVE-2011-0395)

- When the appliance is configured as a local CA server, unauthorized users can obtain sensitive data without providing authentication. (CVE-2011-0396)

Solution

Apply the appropriate patch (see plugin output).

See Also

http://www.nessus.org/u?40e645f7

http://www.nessus.org/u?7d46864f

Plugin Details

Severity: High

ID: 52586

File Name: cisco-sa-20110223-asa.nasl

Version: 1.14

Type: local

Family: CISCO

Published: 2011/03/09

Updated: 2018/11/15

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:cisco:asa_5500, cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2011/02/23

Vulnerability Publication Date: 2011/02/23

Reference Information

CVE: CVE-2011-0393, CVE-2011-0394, CVE-2011-0395, CVE-2011-0396

BID: 46518, 46524