The latest software patch fixes several security vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. The device is used for proactive protection of network resources, monitoring of network activity and creation of VPN tunnels. Some of the vulnerabilities arise from improper handling of L2L IPsec sessions, Telnet and Online Certificate Status Protocol (OCSP) connections, errors in the WebVPN implementation, the Mobile User Security service, etc. All of the vulnerabilities can be exploited remotely to carry out a DoS attack, bypass configured restrictions or disclose sensitive information. Users are advised to use the updated versions.
Cisco ASA Multiple Denial of Service and Security Bypass Vulnerabilities
VUPEN ID VUPEN/ADV-2011-0130
CVE ID CVE-2009-5037 - CVE-2010-4670 - CVE-2010-4672 - CVE-2010-4673 - CVE-2010-4674 - CVE-2010-4675 - CVE-2010-4676 - CVE-2010-4677 - CVE-2010-4678 - CVE-2010-4679 - CVE-2010-4680 - CVE-2010-4681 - CVE-2010-4682 - CVE-2010-4688 - CVE-2010-4689 - CVE-2010-4690 - CVE-2010-4691 - CVE-2010-4692
Rated as Moderate Risk
Release Date 2011-01-17
Technical Description
Multiple vulnerabilities have been identified in Cisco ASA 5500 Series Adaptive Security Appliances, which could be exploited by attackers to bypass restrictions, cause a denial of service or gain knowledge of sensitive information. These issues are caused by errors related to SIP inspection, ACLs, Mobile User Security (MUS) service, multicast traffic, LAN-to-LAN (L2L) IPsec sessions, ASDM, Neighbor Discovery (ND), EIGRP traffic, TELNET, IPsec traffic, emWEB, device startup, Online Certificate Status Protocol (OCSP) connections, CIFS, SMTP inspection, and LDAP authentication.
Affected Products
Cisco ASA 5500 Series Adaptive Security Appliances versions 8.x
Solution
Upgrade to Cisco ASA version 8.3(2) or 8.2(4).
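An added example, not part of the original advisory or any Cisco or VUPEN tooling: a small inventory check that sorts ASA software versions against the fixed releases named above. It assumes that later maintenance and interim builds in the 8.2 and 8.3 trains carry the same fixes, and the host names and inventory lines are constructed.

```python
import re

# Fixed releases named in the Solution section, keyed by release train:
# 8.2(4) and 8.3(2).
FIXED = {(8, 2): 4, (8, 3): 2}

# ASA version notation as used on this page, e.g. 8.2(4), plus an optional
# interim build number such as 8.2(4)1.
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\((\d+)\)(\d*)")


def parse_asa_version(text):
    """Return (major, minor, maintenance, interim), or None if no version is found."""
    m = VERSION_RE.search(text)
    if m is None:
        return None
    major, minor, maint, interim = m.groups()
    return int(major), int(minor), int(maint), int(interim or 0)


def classify(text):
    """Return 'fixed', 'upgrade', 'unknown', 'out-of-scope' or 'unparsed'."""
    version = parse_asa_version(text)
    if version is None:
        return "unparsed"
    major, minor, maint, _interim = version
    if major != 8:
        return "out-of-scope"      # the advisory only covers versions 8.x
    fixed_maint = FIXED.get((major, minor))
    if fixed_maint is None:
        # 8.0 and 8.1 have no fixed release listed, so they need a train upgrade.
        # Trains after 8.3 are not mentioned in the advisory: flag for manual review.
        return "upgrade" if minor < 2 else "unknown"
    # Assumption: builds at or after the named fixed release include the fixes.
    return "fixed" if maint >= fixed_maint else "upgrade"


def audit(inventory_lines):
    """Map each host (first token on the line) to its classification."""
    return {line.split()[0]: classify(line) for line in inventory_lines if line.strip()}


# Constructed sample inventory: host name followed by the version banner text.
SAMPLE = [
    "fw-edge-a Cisco Adaptive Security Appliance Software Version 8.2(3)",
    "fw-edge-b Cisco Adaptive Security Appliance Software Version 8.2(4)1",
    "fw-dmz-a Cisco Adaptive Security Appliance Software Version 8.3(1)",
    "fw-lab-a Cisco Adaptive Security Appliance Software Version 8.0(5)",
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```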
References
http://www.vupen.com/english/advisories/2011/0130
http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf
http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
Credits
Vulnerabilities reported by the vendor.
Changelog
2011-01-17 : Initial release