Cisco ASA Next-Generation Firewall GNU Bash Environment Variable Handling Command Injection (cisco-sa-20140926-bash) (Shellshock)
Critical Nessus Plugin ID 78827
SynopsisThe remote security device is missing a vendor-supplied security patch.
DescriptionThe remote ASA Next-Generation Firewall (NGFW) host is missing a security patch. It is, therefore, affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via environment variable manipulation depending on the configuration of the system.
SolutionApply the relevant patch referenced in Cisco Security Advisory cisco-sa-20140926-bash.