Executive Summary

Summary
Title: LDAP and VPN Vulnerabilities in PIX and ASA Appliances
Information
Name: cisco-sa-20070502-asa
First vendor Publication: 2007-03-13
Vendor: Cisco
Last vendor Modification: 2008-04-24
Severity (Vendor): N/A
Revision: N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score: 10
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: Low
Cvss Exploit Score: 10
Authentication: None Required

Detail

Multiple vulnerabilities exist in the Cisco Adaptive Security Appliance (ASA) and PIX security appliances. These vulnerabilities include two Lightweight Directory Access Protocol (LDAP) authentication bypass vulnerabilities and two denial of service (DoS) vulnerabilities.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20070502-asa.shtml

CPE : Common Platform Enumeration

Type Description Count
Application 35
Hardware 4
Os 155

Open Source Vulnerability Database (OSVDB)

Id Description
35333 Cisco PIX / ASA Crafted Clientless SSL Connection Race Condition DoS

PIX/ASA contains a flaw that may allow a remote denial of service. The issue is triggered by an unspecified flaw in the SSL VPN HTTP server related to processing non-standard SSL sessions, and will result in loss of availability for the platform.
35332 Cisco PIX / ASA Unspecified VPN Connection DoS

PIX/ASA contains a flaw that may allow a remote denial of service. The issue is triggered by an unspecified flaw related to the password-management command used in VPN tunnel configuration, and will result in reloading the device.
35331 Cisco PIX / ASA Unspecified LDAP Authentication Bypass

PIX/ASA contains a flaw that may allow a malicious user to bypass authentication. The issue is triggered by an unspecified flaw in the LDAP implementation involving L2TP and Remote Management Access. It is possible that the flaw may allow unauthorized access resulting in a loss of integrity.