Cisco Firewall Services Module Software Multiple Vulnerabilities (cisco-sa-20131009-fwsm)

medium Nessus Plugin ID 70493


The remote device is missing a vendor-supplied security update.


The remote Cisco Firewall Services Module (FWSM) device is affected by one or both of the following vulnerabilities.

- A flaw exists in FWSM that could allow an authenticated, unprivileged, local attacker to execute certain commands in any other context of the affected system.

- A flaw exists in FWSM in the SQL*Net Inspection Engine that could allow a remote denial of service that could be triggered when handling a malformed TNS packet.


Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20131009-fwsm.

See Also

Plugin Details

Severity: Medium

ID: 70493

File Name: cisco-sa-20131009-fwsm.nasl

Version: 1.12

Type: local

Family: CISCO

Published: 10/18/2013

Updated: 11/27/2019

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Medium

Base Score: 6.6

Temporal Score: 4.9

Vector: CVSS2#AV:L/AC:M/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2013-5506

Vulnerability Information

CPE: cpe:/h:cisco:firewall_services_module

Required KB Items: Host/Cisco/FWSM/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 10/9/2013

Vulnerability Publication Date: 10/9/2013

Reference Information

CVE: CVE-2013-5506, CVE-2013-5508

BID: 62912, 62918