Vigil@nce - Cisco ASA, FWSM: bypassing ACL via time-range
May 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can bypass an ACL of Cisco ASA and FWSM, which uses
the time-range object.
Impacted products: ASA, Cisco Catalyst, IOS, Cisco Router xx00
Series
Severity: 2/4
Creation date: 23/04/2013
DESCRIPTION OF THE VULNERABILITY
The time-range object is used to define a time range to be applied
on an ACL.
However, the periodic time-range object is not correctly
implemented, and it is ignored.
An attacker can therefore bypass an ACL of Cisco ASA and FWSM,
which uses the time-range object.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-ASA-FWSM-bypassing-ACL-via-time-range-12705