Cisco ASA 5500 Series Multiple DoS Vulnerabilities (cisco-sa-20100804-asa)

High Nessus Plugin ID 56045


The remote security device is missing a vendor-supplied security patch.


The remote Cisco ASA is missing a security patch and may be vulnerable to the following issues :

- Multiple DoS vulnerabilities in the SunRPC inspection engine that can be triggered by sending unspecified UDP packets.
(CVE-2010-1578, CVE-2010-1579, CVE-2010-1580)

- Multiple TLS DoS vulnerabilities. Devices configured for SSL VPN, TLS Proxy for Encrypted Voice Inspection, or ASDM management connections are vulnerable.
(CVE-2010-1581, CVE-2010-2814, CVE-2010-2815)

- A DoS vulnerability in the SIP inspection engine.

- An unspecified DoS vulnerability in the IKE implementation.

A remote, unauthenticated attacker could cause the device to reload by exploiting any of these issues.


Apply the appropriate Cisco ASA patch (see plugin output).

See Also

Plugin Details

Severity: High

ID: 56045

File Name: cisco-sa-20100804-asa.nasl

Version: 1.10

Type: local

Family: CISCO

Published: 2011/09/01

Updated: 2018/11/15

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/h:cisco:asa_5500, cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2010/08/04

Vulnerability Publication Date: 2010/08/04

Reference Information

CVE: CVE-2010-1578, CVE-2010-1579, CVE-2010-1580, CVE-2010-1581, CVE-2010-2814, CVE-2010-2815, CVE-2010-2816, CVE-2010-2817

BID: 42187, 42188, 42189, 42190, 42192, 42195, 42196, 42198