Cisco ASA 5500 Series Multiple DoS Vulnerabilities (cisco-sa-20100804-asa)

High Nessus Plugin ID 56045

Synopsis

The remote security device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA is missing a security patch and may be vulnerable to the following issues :

- Multiple DoS vulnerabilities in the SunRPC inspection engine that can be triggered by sending unspecified UDP packets.
(CVE-2010-1578, CVE-2010-1579, CVE-2010-1580)

- Multiple TLS DoS vulnerabilities. Devices configured for SSL VPN, TLS Proxy for Encrypted Voice Inspection, or ASDM management connections are vulnerable.
(CVE-2010-1581, CVE-2010-2814, CVE-2010-2815)

- A DoS vulnerability in the SIP inspection engine.
(CVE-2010-2816)

- An unspecified DoS vulnerability in the IKE implementation.
(CVE-2010-2817)

A remote, unauthenticated attacker could cause the device to reload by exploiting any of these issues.

Solution

Apply the appropriate Cisco ASA patch (see plugin output).

See Also

http://www.nessus.org/u?75808346

http://www.nessus.org/u?54bb11ba

Plugin Details

Severity: High

ID: 56045

File Name: cisco-sa-20100804-asa.nasl

Version: $Revision: 1.8 $

Type: local

Family: CISCO

Published: 2011/09/01

Modified: 2016/05/04

Dependencies: 12634

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:cisco:asa_5500, cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/08/04

Vulnerability Publication Date: 2010/08/04

Reference Information

CVE: CVE-2010-1578, CVE-2010-1579, CVE-2010-1580, CVE-2010-1581, CVE-2010-2814, CVE-2010-2815, CVE-2010-2816, CVE-2010-2817

BID: 42187, 42188, 42189, 42190, 42192, 42195, 42196, 42198

OSVDB: 67007, 67008, 67009, 67010, 67012, 67013, 67014, 67015

CISCO-BUG-ID: CSCtc77567, CSCtc79922, CSCtc85753, CSCtd32106, CSCtd32627, CSCte46507, CSCtf37506, CSCtf55259

CISCO-SA: cisco-sa-20100804-asa