Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20131009-asa)

critical Nessus Plugin ID 70474
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA device is affected by one or more of the following vulnerabilities :

- A denial of service vulnerability exists due to improper clearing of unused memory blocks after an AnyConnect SSL VPN client disconnects. (CVE-2013-3415)

- A denial of service vulnerability exists resulting from an error in the code that decrypts packets transiting an active VPN tunnel. (CVE-2013-5507)

- A denial of service vulnerability exists due to improper handling of segmented Transparent Network Substrate (TNS) packets. (CVE-2013-5508)

- An authentication bypass vulnerability exists resulting due to an error in handling a client crafted certificate during the authentication phase. (CVE-2013-5509)

- An authentication bypass vulnerability exists due to improper parsing of the LDAP response packet received from a remote AAA LDAP server. (CVE-2013-5510)

- An authentication bypass vulnerability exists due to an error in the implementation of the authentication-certificate option. (CVE-2013-5511)

- A denial of service vulnerability exists due to improper handling of a race condition during inspection of HTTP packets by the HTTP DPI engine. (CVE-2013-5512)

- A denial of service vulnerability exists due to the improper processing of unsupported DNS over TCP packets by the DNS inspection engine. (CVE-2013-5513)

- A denial of service vulnerability exists resulting from the improper handling of crafted HTTPS requests for systems configured for Clientless SSL VPN.
(CVE-2013-5515)

- A denial of service condition can be caused by improper handling of crafted ICMP packets. (CVE-2013-5542)

Note that the verification checks for the presence of CVE-2013-5513 and CVE-2013-5515 are best effort approaches and may result in potential false positives.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20131009-asa.

See Also

http://www.nessus.org/u?d011fc2b

http://www.nessus.org/u?efc913e7

http://www.nessus.org/u?2d97cc96

http://www.nessus.org/u?e758053c

http://www.nessus.org/u?f122ca71

http://www.nessus.org/u?0960915d

http://www.nessus.org/u?82b9bb7a

http://www.nessus.org/u?94e50312

http://www.nessus.org/u?8eee683f

http://www.nessus.org/u?f18ec641

Plugin Details

Severity: Critical

ID: 70474

File Name: cisco-sa-20131009-asa.nasl

Version: 1.10

Type: local

Family: CISCO

Published: 10/17/2013

Updated: 11/15/2018

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:adaptive_security_appliance_software, cpe:/h:cisco:asa_5500, cpe:/h:cisco:asa_6500, cpe:/h:cisco:asa_7600, cpe:/h:cisco:asa_1000V

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Ease: No known exploits are available

Patch Publication Date: 10/9/2013

Vulnerability Publication Date: 10/9/2013

Reference Information

CVE: CVE-2013-3415, CVE-2013-5507, CVE-2013-5508, CVE-2013-5509, CVE-2013-5510, CVE-2013-5511, CVE-2013-5512, CVE-2013-5513, CVE-2013-5515, CVE-2013-5542

BID: 62910, 62911, 62912, 62913, 62914, 62915, 62916, 62917, 62919, 63202