Cisco ASA 5500 Series Multiple DoS Vulnerabilities (cisco-sa-20100804-asa)
High Nessus Plugin ID 56045
SynopsisThe remote security device is missing a vendor-supplied security patch.
DescriptionThe remote Cisco ASA is missing a security patch and may be vulnerable to the following issues :
- Multiple DoS vulnerabilities in the SunRPC inspection engine that can be triggered by sending unspecified UDP packets.
(CVE-2010-1578, CVE-2010-1579, CVE-2010-1580)
- Multiple TLS DoS vulnerabilities. Devices configured for SSL VPN, TLS Proxy for Encrypted Voice Inspection, or ASDM management connections are vulnerable.
(CVE-2010-1581, CVE-2010-2814, CVE-2010-2815)
- A DoS vulnerability in the SIP inspection engine.
- An unspecified DoS vulnerability in the IKE implementation.
A remote, unauthenticated attacker could cause the device to reload by exploiting any of these issues.
SolutionApply the appropriate Cisco ASA patch (see plugin output).