Executive Summary

Summary
Title Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances
Informations
Name cisco-sa-20110223-asa First vendor Publication 2011-01-11
Vendor Cisco Last vendor Modification 2011-02-23
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:N/A:N)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco ASA 5500 Series Adaptive Security Appliances are affected by the following vulnerabilities:

* Transparent Firewall Packet Buffer Exhaustion Vulnerability
* Skinny Client Control Protocol (SCCP) Inspection Denial of Service Vulnerability
* Routing Information Protocol (RIP) Denial of Service Vulnerability
* Unauthorized File System Access Vulnerability

These vulnerabilities are independent; a release that is affected by one vulnerability is not necessarily affected by the others.

Cisco has released free software updates that address these vulnerabilities.

Original Source

Url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6 (...)

CWE : Common Weakness Enumeration

% Id Name
75 % CWE-399 Resource Management Errors
25 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 53
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Os 10
Os 267
Os 29

Open Source Vulnerability Database (OSVDB)

Id Description
72586 Cisco Adaptive Security Appliances (ASA) 5500 Series Certificate Authority (C...
72585 Cisco Adaptive Security Appliances (ASA) 5500 Series RIP Update Handling Remo...
72584 Cisco Multiple Products Transparent Firewall Mode IPv6 Traffic Handling Exhau...
72582 Cisco Multiple Products Malformed Skinny Client Control Protocol (SCCP) Messa...

Nessus® Vulnerability Scanner

Date Description
2011-03-09 Name : The remote security device is missing a vendor-supplied security patch.
File : cisco-sa-20110223-asa.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2016-07-28 01:03:27
  • Multiple Updates
2014-02-17 10:22:00
  • Multiple Updates
2013-05-11 00:42:40
  • Multiple Updates