Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

2011-10-05T16:00:00
ID CISCO-SA-20111005-ASA
Type cisco
Reporter Cisco
Modified 2012-07-14T09:38:47

Description

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module are affected by multiple vulnerabilities as follows:

MSN Instant Messenger (IM) Inspection Denial of Service vulnerability
TACACS+ Authentication Bypass vulnerability
Four SunRPC Inspection Denial of Service vulnerabilities
Internet Locator Service (ILS) Inspection Denial of Service vulnerability

These vulnerabilities are independent; a release that is affected by one vulnerability may not necessarily be affected by the others.

Workarounds for some of the vulnerabilities are provided in this advisory.

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-asa["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-asa"].

Note: The Cisco Firewall Services Module (FWSM) is affected by the TACACS+ authentication bypass vulnerability, SunRPC Inspection denial of service (DoS) vulnerabilities and ILS inspection DoS vulnerability. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the FWSM. This advisory is available at: http://www.cisco.com/warp/public/707/cisco-sa-20110831-fwsm.shtml["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-fwsm"]