SynopsisThe remote security device is missing a vendor-supplied security patch.
DescriptionThe remote Cisco ASA is missing a security patch and may be affected by the following issues :
- When MSN IM inspection is enabled, inspecting malformed transit traffic could cause the device to reload.
- TACACS+ authentication can be bypassed by an attacker with access between the ASA and the TACACS+ server.
- Four DoS vulnerabilities in the SunRPC inspection engine can be triggered by specially crafted UDP traffic, causing the device to reload.
(CVE-2011-3299, CVE-2011-3300, CVE-2011-3301, CVE-2011-3302)
- When ILS inspection is enabled, inspecting malformed transit traffic could cause the device to reload, resulting in a sustained DoS condition. (CVE-2011-3303)
SolutionApply the appropriate Cisco ASA patch (see plugin output).