Vigil@nce - Cisco ASA: several vulnerabilities
July 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can use several Cisco ASA vulnerabilities, in order to
generate a denial of service or to bypass access restrictions.
Severity: 2/4
Creation date: 01/07/2010
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in Cisco ASA.
An attacker can generate a Cross Site Scripting in WebVPN.
[severity:2/4; CSCsq78418, CVE-2009-4910]
An attacker can generate a denial of service via PPPoE and SSL
VPN. [severity:2/4; CSCsm77958, CVE-2009-4911]
A non authorized attacker can open a SSL session. [severity:2/4;
CSCso10876, CVE-2009-4912]
Some IPv6 services are available. [severity:2/4; CSCso58622,
CVE-2009-4913]
An attacker can generate a memory leak when the Subject Alternate
Name of a certificate is parsed. [severity:2/4; CSCsq17879,
CVE-2009-4914]
An attacker can open numerous sessions in order to restart the
system. [severity:2/4; CSCsq68451, CVE-2009-4915]
An attacker can log in during the replication in order to stop the
console. [severity:1/4; CSCsq80095, CVE-2009-4916]
An attacker can generate a high SIP traffic in order to restart
the system. [severity:2/4; CSCsr65901, CVE-2009-4917]
An attacker can use NAT-T (NAT Traversal) packets in order to stop
the IKE process. [severity:2/4; CSCsr74439, CVE-2009-4918]
An attacker can use long IKE attributes, in order to generate a
buffer overflow. [severity:2/4; CSCsu43121, CVE-2009-4919]
An attacker can use small packets, in order to generate a denial
of service (version 8.1(2) is still impacted). [severity:2/4;
CSCsu11412, CVE-2009-4920]
An attacker can send malformed TCP packets, in order to generate a
denial of service. [severity:2/4; CSCsm84110, CVE-2009-4921]
An attacker can establish several IPsec L2L tunnels in order to
generate a denial of service. [severity:2/4; CSCso15583,
CVE-2009-4922]
An attacker can use TLS fragments in order to generate a denial of
service. [severity:2/4; CSCso53162, CVE-2009-4923]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-ASA-several-vulnerabilities-9736