accept no compromises

Cisco Security Advisory 20131009-asa

Cisco Security Advisory 20131009-asa
Posted Oct 9, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by multiple authentication bypass and denial of service vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
MD5 | 2c53ff316646201e79ed129d80e790a6

Cisco Security Advisory 20131009-asa

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software

Advisory ID: cisco-sa-20131009-asa

Revision 1.0

For Public Release 2013 October 9 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities:

IPsec VPN Crafted ICMP Packet Denial of Service Vulnerability
SQL*Net Inspection Engine Denial of Service Vulnerability
Digital Certificate Authentication Bypass Vulnerability
Remote Access VPN Authentication Bypass Vulnerability
Digital Certificate HTTP Authentication Bypass Vulnerability
HTTP Deep Packet Inspection Denial of Service Vulnerability
DNS Inspection Denial of Service Vulnerability
AnyConnect SSL VPN Memory Exhaustion Denial of Service Vulnerability
Clientless SSL VPN Denial of Service Vulnerability


These vulnerabilities are independent of one other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of the IPsec VPN Crafted ICMP Packet Denial of Service Vulnerability, SQL*Net Inspection Engine Denial of Service Vulnerability, HTTP Deep Packet Inspection Denial of Service Vulnerability, DNS Inspection Denial of Service Vulnerability, and Clientless SSL VPN Denial of Service Vulnerability may result in a reload of an affected device, leading to a denial of service (DoS) condition.

Successful exploitation of the Digital Certificate Authentication Bypass Vulnerability, Remote Access VPN Authentication Bypass Vulnerability, and Digital Certificate HTTP Authentication Bypass Vulnerability may result in an authentication bypass, which could allow the attacker access to the inside network via remote access VPN or management access to the affected system via the Cisco Adaptive Security Device Management (ASDM).

Successful exploitation of the AnyConnect SSL VPN Memory Exhaustion Denial of Service Vulnerability may exhaust available memory, which could result in general system instability and cause the affected system to become unresponsive and stop forwarding traffic.

Cisco has released free software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa

Note: The Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers may be affected by the SQL*Net Inspection Engine Denial of Service Vulnerability. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco FWSM. This advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-fwsm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.20 (Darwin)

iF4EAREKAAYFAlJVVn0ACgkQUddfH3/BbTqWZwD/RwBC6JBngB+veDwlJnE/f0JZ
iuuIjMkJNw/hIWUZBSgA+gMaBfPY40K8ORrja7Tf9cuThC8QxjtRmX/Rkj3Rx2P3
=9LM3
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

February 2015

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    2 Files
  • 2
    Feb 2nd
    17 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    16 Files
  • 5
    Feb 5th
    14 Files
  • 6
    Feb 6th
    4 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2015 Packet Storm. All rights reserved.

close