SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Device (Firewall)  >   Cisco ASA Vendors:   Cisco
Cisco ASA Multiple Flaws Let Remote Users Deny Service and Bypass Security Controls
SecurityTracker Alert ID:  1024963
SecurityTracker URL:  http://securitytracker.com/id/1024963
CVE Reference:   CVE-2009-5037, CVE-2010-4670, CVE-2010-4672, CVE-2010-4673, CVE-2010-4674, CVE-2010-4675, CVE-2010-4676, CVE-2010-4677, CVE-2010-4678, CVE-2010-4679, CVE-2010-4680, CVE-2010-4681, CVE-2010-4682, CVE-2010-4688, CVE-2010-4689, CVE-2010-4690, CVE-2010-4691   (Links to External Site)
Date:  Jan 17 2011
Impact:   Denial of service via network, Disclosure of system information, Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 8.3(2)
Description:   Multiple vulnerabilities were reported in Cisco ASA. A remote user can cause denial of service conditions. A remote user can bypass security controls.

A remote user can send specially crafted LAN-to-LAN (aka L2L) IPsec sessions to cause unspecified denial of service conditions [CVE-2010-4692]. Cisco has assigned Bug ID CSCth36592 to this vulnerability.

A remote user can send specially rafted multicast traffic to cause the target device to crash [CVE-2010-4691]. Cisco has assignd Bug IDs CSCtg61810 and CSCtg69742 to this vulnerability.

A remote user may be able to send a specially crafted HEAD request to the Mobile User Security (MUS) service to obtain potentially sensitive information [CVE-2010-4690]. Cisco has assigned Bug ID CSCte53635 to this vulnerability.

The device does not properly preserve ACL behavior after a migration [CVE-2010-4688]. A remote user can send unspecified data to bypass access restrictions. Cisco has assigned Bug ID CSCte46460 to this vulnerability.

A remote user can send specially crafted SIP calls to cause the target device to crash [CVE-2010-4689]. Cisco has assigned Bug ID CSCte20030 to this vulnerability.

A remote user can send specially crafted LDAP authentication requests to trigger a memory leak and consume excessive memory on the target device [CVE-2010-4682]. Cisco has assigned Bug ID CSCtf29867 to this vulnerability.

A remote user can send specially crafted data to bypass SMTP inspection [CVE-2010-4681]. Cisco has assigned Bug ID CSCte14901 to this vulnerability.

A remote authenticated user can view CIFS shares via WebVPN when CIFS file browing has been disabled [CVE-2010-4680]. Cisco has assigned Bug ID CSCsz80777 to this vulnerability.

The device does not properly handle Online Certificate Status Protocol (OCSP) connection failures [CVE-2010-4679]. A remote user can exhaust all available TCP sockets. Cisco has assigned Bug ID CSCsz36816 to this vulnerability.

A remote user can send data while the device is starting up to bypass access restrictions [CVE-2010-4678]. Cisco has assigned Bug ID CSCsy86769 to this vulnerability.

A remote user can send a specially crafted request via emWeb for a document with a name that contains space characters to cause the target device to crash [CVE-2010-4677]. Cisco has assigned Bug ID CSCsy08416 to this vulnerability.

A remote authenticated user can send a high volume of IPSec traffic to cause the target device to crash [CVE-2010-4676]. Cisco has assigned Bug ID CSCsx52748 to this vulnerability.

A remote authenticated users can bypass Telnet access restrictions [CVE-2010-4675]. Cisco has assigned Bug ID CSCsv40504 to this vulnerability.

A remote user can send specially crafted multicast traffic to cause denial of service conditions [CVE-2010-4674]. Cisco has assigned Bug ID CSCtg63992 to this vulnerability.

A remote user can send a packet flood to cause denial of service conditions [CVE-2010-4673]. Cisco has assigned Bug ID CSCtg06316 to this vulnerability.

A remote user can send specially crafted EIGRP traffic to trigger an EIGRP multicast storm [CVE-2010-4672]. Cisco has assigned Bug ID CSCtf20269 to this vulnerability.

A remote user can send Router Advertisement (RA) messages via IPv6 with different source addresses to cause excessive CPU consumption on the target system or possibly cause the target device to hang [CVE-2010-4670]. Cisco has assigned Bug ID CSCti24526 to this vulnerability.

A remote user can cause an ADSM syslog outage by sending a long URL [CVE-2009-5037]. Cisco has assigned Bug IDs CSCsm11264 and CSCtb92911 to this vulnerability.

Impact:   A remote user can cause denial of service conditions.

A remote user can bypass certain security controls.

Solution:   The vendor has issued a fix (8.3(2)).

The vendor's advisory is available at:

http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf

Vendor URL:  www.cisco.com/ (Links to External Site)
Cause:   Access control error, Input validation error, Resource error
Underlying OS:  

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC