Vigil@nce - Cisco ASA: denial of service via WebVPN Proxy Bypass Content Rewriter
February 2015 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can generate an error in WebVPN Proxy Bypass Content
Rewriter of Cisco ASA, in order to trigger a denial of service.
– Impacted products: ASA
– Severity: 2/4
– Creation date: 09/02/2015
DESCRIPTION OF THE VULNERABILITY
The Cisco ASA product offers a WebVPN service.
The Proxy Bypass Content Rewriter feature is used to rewrite the
content of web documents. However, a malicious HTTP query triggers
a fatal error.
An attacker can therefore generate an error in WebVPN Proxy Bypass
Content Rewriter of Cisco ASA, in order to trigger a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN