Search...

Cisco ASA DoS

2012-06-25T00:00:00

ID SECURITYVULNS:VULN:12442
Type securityvulns
Reporter BUGTRAQ
Modified 2012-06-25T00:00:00

Description

It's possible to reboot device remotely.

JSON Vulners Source

Initial Source

{"id": "SECURITYVULNS:VULN:12442", "bulletinFamily": "software", "title": "Cisco ASA DoS", "description": "It's possible to reboot device remotely.", "published": "2012-06-25T00:00:00", "modified": "2012-06-25T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12442", "reporter": "BUGTRAQ", "references": ["https://vulners.com/securityvulns/securityvulns:doc:28211"], "cvelist": ["CVE-2012-3058"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:47", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "b067c534caf18ce8660f41f7be9e07de"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "0f44f62170cbdccc23afe004a7598089"}, {"key": "cvss", "hash": "ed3111898fb94205e2b64cefef5a2081"}, {"key": "description", "hash": "5b0d10ebe72f142056c321f58a2a4d6b"}, {"key": "href", "hash": "b9f4f615a119984bcab621c5d51dd36b"}, {"key": "modified", "hash": "db56ecdd55f2dbba653fb111493244c3"}, {"key": "published", "hash": "db56ecdd55f2dbba653fb111493244c3"}, {"key": "references", "hash": "514ee4b84fff579cb0c23a4d696d599f"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "f4e526e50cdbb8843cb00e972d385e02"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "f9c8ded6048ad08281eef2e7f7e85a5dc231e9d8ab1931069835b85475c84cd1", "viewCount": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE", "modified": "2018-08-31T11:09:47"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2012-3058"]}, {"type": "nessus", "idList": ["CISCO-SA-20120620-ASAIPV6.NASL"]}, {"type": "cisco", "idList": ["CISCO-SA-20120620-ASAIPV6"]}], "modified": "2018-08-31T11:09:47"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "affectedSoftware": [{"name": "ASA", "operator": "eq", "version": "5500"}]}

{"cve": [{"lastseen": "2016-09-03T16:45:20", "bulletinFamily": "NVD", "description": "Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(4.1), 8.5 before 8.5(1.11), and 8.6 before 8.6(1.3) allow remote attackers to cause a denial of service (device reload) via IPv6 transit traffic that triggers syslog message 110003, aka Bug ID CSCua27134.", "modified": "2013-03-21T23:11:05", "published": "2012-06-20T16:55:02", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3058", "id": "CVE-2012-3058", "type": "cve", "title": "CVE-2012-3058", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cisco": [{"lastseen": "2017-09-26T15:34:05", "bulletinFamily": "software", "description": "Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco\nCatalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote\nattacker to cause a reload of the affected device. \n\nNote: This vulnerability can only be triggered by IPv6 transit traffic, and affects both Cisco ASA and Cisco ASASM when configured in transparent firewall mode (either single or multiple context mode).\n\nCisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) and Cisco\nCatalyst 6500 Series ASA Services Module (Cisco ASASM) contain a vulnerability that may allow an unauthenticated, remote\nattacker to cause the reload of the affected device.\n\nCisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6\"]", "modified": "2012-06-20T03:13:25", "published": "2012-06-20T16:00:00", "id": "CISCO-SA-20120620-ASAIPV6", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6", "type": "cisco", "title": "Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:16:54", "bulletinFamily": "scanner", "description": "The remote Cisco ASA is missing a security patch and may be affected by a denial of service vulnerability. Processing unspecified IPv6 transit traffic can result in a device reload. A remote, unauthenticated attacker could exploit this to cause a denial of service.", "modified": "2018-11-15T00:00:00", "id": "CISCO-SA-20120620-ASAIPV6.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=59716", "published": "2012-06-26T00:00:00", "title": "Cisco ASA 5500 Series DoS (cisco-sa-20120620-asaipv6)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59716);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/15 20:50:20\");\n\n script_cve_id(\"CVE-2012-3058\");\n script_bugtraq_id(54106);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCua27134\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20120620-asaipv6\");\n\n script_name(english:\"Cisco ASA 5500 Series DoS (cisco-sa-20120620-asaipv6)\");\n script_summary(english:\"Checks ASA version\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote security device is missing a vendor-supplied security\npatch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote Cisco ASA is missing a security patch and may be affected\nby a denial of service vulnerability. Processing unspecified IPv6\ntransit traffic can result in a device reload. A remote, unauthenticated\nattacker could exploit this to cause a denial of service.\"\n );\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?577e111a\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Apply the relevant patch referenced in Cisco Security Advisory\ncisco-sa-20120620-asaipv6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:cisco:asa_5500\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Cisco/ASA\", \"Host/Cisco/ASA/model\");\n\n exit(0);\n}\n\ninclude(\"cisco_func.inc\");\ninclude(\"audit.inc\");\n\nasa = get_kb_item_or_exit('Host/Cisco/ASA');\nmodel = get_kb_item_or_exit('Host/Cisco/ASA/model');\nver = extract_asa_version(asa);\nif (isnull(ver)) audit(AUDIT_FN_FAIL, 'extract_asa_version');\n\nif (model !~ '^55[0-9][0-9]')\n audit(AUDIT_HOST_NOT, 'ASA 5500');\n\n# The advisory says:\n# This vulnerability was introduced in 8.4(2).\n# Versions prior to 8.4(2) are not affected by this vulnerability\n# The call below should return TRUE for all 8.4 releases before 8.4(2)\nif (check_asa_release(version:ver, patched:'8.4(2)'))\n audit(AUDIT_INST_VER_NOT_VULN, 'ASA', ver);\n\n# compare the ASA version versus all patches. The comparison is only made if the major versions match up\npatches = make_list('8.4(4.1)', '8.5(1.11)', '8.6(1.3)');\nforeach patch (patches)\n{\n if (check_asa_release(version:ver, patched:patch))\n {\n report =\n '\\n Installed release : ' + ver +\n '\\n Fixed release : ' + patch + '\\n';\n security_hole(port:0, extra:report);\n exit(0);\n }\n}\n\naudit(AUDIT_INST_VER_NOT_VULN, 'ASA', ver);\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}]}