Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Subscribe

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Security Vulnerability

Vigil@nce - Cisco ASA: several vulnerabilities

July 2010 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can use several Cisco ASA vulnerabilities, in order to
generate a denial of service or to bypass access restrictions.

Severity: 2/4

Creation date: 01/07/2010

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in Cisco ASA.

An attacker can generate a Cross Site Scripting in WebVPN.
[severity:2/4; CSCsq78418, CVE-2009-4910]

An attacker can generate a denial of service via PPPoE and SSL
VPN. [severity:2/4; CSCsm77958, CVE-2009-4911]

A non authorized attacker can open a SSL session. [severity:2/4;
CSCso10876, CVE-2009-4912]

Some IPv6 services are available. [severity:2/4; CSCso58622,
CVE-2009-4913]

An attacker can generate a memory leak when the Subject Alternate
Name of a certificate is parsed. [severity:2/4; CSCsq17879,
CVE-2009-4914]

An attacker can open numerous sessions in order to restart the
system. [severity:2/4; CSCsq68451, CVE-2009-4915]

An attacker can log in during the replication in order to stop the
console. [severity:1/4; CSCsq80095, CVE-2009-4916]

An attacker can generate a high SIP traffic in order to restart
the system. [severity:2/4; CSCsr65901, CVE-2009-4917]

An attacker can use NAT-T (NAT Traversal) packets in order to stop
the IKE process. [severity:2/4; CSCsr74439, CVE-2009-4918]

An attacker can use long IKE attributes, in order to generate a
buffer overflow. [severity:2/4; CSCsu43121, CVE-2009-4919]

An attacker can use small packets, in order to generate a denial
of service (version 8.1(2) is still impacted). [severity:2/4;
CSCsu11412, CVE-2009-4920]

An attacker can send malformed TCP packets, in order to generate a
denial of service. [severity:2/4; CSCsm84110, CVE-2009-4921]

An attacker can establish several IPsec L2L tunnels in order to
generate a denial of service. [severity:2/4; CSCso15583,
CVE-2009-4922]

An attacker can use TLS fragments in order to generate a denial of
service. [severity:2/4; CSCso53162, CVE-2009-4923]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Cisco-ASA-several-vulnerabilities-9736


See previous articles

    

See next articles


Security Vulnerability

All our news in english

Alle unsere News auf deutsch

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts

 
News Files Cyber Security Security Vulnerability Malware Update Diary Guide & Podcast TRAINING Jobs CONTACTS Contact About Mentions légales identifier ADMIN

Global Security Mag Copyright 2011