Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20141008-asa)

high Nessus Plugin ID 78240

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco ASA device is affected by one or more of the following vulnerabilities:

- A flaw exists in the SQL*NET Inspection Engine due to improper handling of SQL REDIRECT packets. An attacker can exploit this vulnerability by sending a crafted sequence of REDIRECT packets through the affected system. This can cause the device to reload. (CVE-2014-3382)

- A flaw exists in the IKE code that can allow an unauthenticated, remote attacker to cause the device to reload. This issue is due to the improper validation of UDP packets. (CVE-2014-3383)

- A flaw exists in the IKEv2 code that can allow an unauthenticated, remote attacker to cause the device to reload. This issue is caused by the improper handling of crafted IKEv2 packets. (CVE-2014-3384)

- A flaw exists in the Health and Performance Monitoring (HPM) for ASDM functionality that allows an unauthenticated, remote attacker to cause the device to reload. This issue is caused by a race condition in the operation of the HPM functionality. An attacker may be able to exploit this by sending a large number of half-open simultaneous connections to the device. (CVE-2014-3385)

- A flaw exists in the GPRS Tunneling Protocol Inspection Engine that can allow an unauthenticated, remote attacker to cause a reload of the device. This issue is caused by improper handling of GTP packets when sent in a specific sequence. (CVE-2014-3386)

- A flaw exists in the SunRPC Inspection Engine that can allow an unauthenticated, remote attacker to cause a reload of the device. This issue is caused by improper validation of specially crafted SunRPC packets. (CVE-2014-3387)

- A flaw exists in the DNS Inspection Engine that can allow an unauthenticated, remote attacker to cause a reload of the affected system. This issue is caused by the improper validation of crafted DNS packets. (CVE-2014-3388)

- A flaw exists in the VPN failover component that can allow an authenticated, remote attacker to send configuration commands to the standby units. This is caused by an improper implementation of the internal filter for packets coming from an established VPN tunnel. (CVE-2014-3389)

- A flaw exists in the VNMC component that allows an authenticated, local attacker to access the underlying operating system as the root user. This issue is caused by the improper sanitization of user-supplied input. (CVE-2014-3390)

- A flaw exists in the function that exports environment variables that allows an authenticated, local attacker to inject arbitrary commands. (CVE-2014-3391)

- A flaw exists in the Clientless SSL VPN Portal feature that allows an unauthenticated, remote attacker to access arbitrary memory. This issue is caused by the improper sanitization of user-supplied input. (CVE-2014-3392)

- A flaw exists in the Clientless SSL VPN Portal customization framework that allows an unauthenticated, remote attacker to modify the content of the portal interface. This can lead to the compromise of user credentials, cross-site scripting attacks, and other types of web attacks on the client using the system. This is caused by the improper implementation of authentication checks. (CVE-2014-3393)

- A flaw exists in the Smart Call Home feature that allows an unauthenticated, remote attacker to bypass digital certificate validation if any feature that uses digital certificates is configured on the affected system. (CVE-2014-3394)

Solution

Apply the relevant patch or workaround referenced in Cisco Security Advisory cisco-sa-20141008-asa.

See Also

http://www.nessus.org/u?8bc6432e

Plugin Details

Severity: High

ID: 78240

File Name: cisco-sa-20141008-asa.nasl

Version: 1.10

Type: local

Family: CISCO

Published: 10/10/2014

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA, Host/Cisco/ASA/model

Exploit Ease: No known exploits are available

Patch Publication Date: 10/8/2013

Vulnerability Publication Date: 10/8/2014

Reference Information

CVE: CVE-2014-3382, CVE-2014-3383, CVE-2014-3384, CVE-2014-3385, CVE-2014-3386, CVE-2014-3387, CVE-2014-3388, CVE-2014-3389, CVE-2014-3390, CVE-2014-3391, CVE-2014-3392, CVE-2014-3393, CVE-2014-3394

BID: 70294, 70295, 70296, 70297, 70298, 70299, 70300, 70301, 70302, 70303, 70305, 70306, 70309