Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass

🗓️ 18 Aug 2016 00:00:00Reported by Shadow BrokersType

zdt🔗 0day.today👁 44 Views

Cisco ASA 8.x 'EXTRABACON' Authentication Bypass Vulnerabilit

Reporter	Title	Published	Views	Family All 26
Gitee	Exploit for Classic Buffer Overflow in Cisco Pix_Firewall_Software	8 Sep 202309:54	–	gitee
GithubExploit	Exploit for Classic Buffer Overflow in Cisco Pix_Firewall_Software	20 Sep 201623:19	–	githubexploit
ATTACKERKB	CVE-2016-6366	18 Aug 201600:00	–	attackerkb
BDU FSTEC	The vulnerability of Cisco Adaptive Security Appliance’s microprogramming software allows a perpetrator to trigger a service failure or execute arbitrary code.	23 Aug 201600:00	–	bdu_fstec
Circl	CVE-2016-6366	16 Jul 202015:38	–	circl
CISA KEV Catalog	Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability	24 May 202200:00	–	cisa_kev
Cisco	Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability	17 Aug 201618:45	–	cisco
Tenable Nessus	Cisco ASA SNMP Packet Handling RCE (CSCva92151) (EXTRABACON)	25 Aug 201600:00	–	nessus
canvas	Immunity Canvas: CISCO_SNMP_OID	18 Aug 201618:59	–	canvas
CNVD	Cisco Adaptive Security Appliance Software Remote Code Execution Vulnerability	19 Aug 201600:00	–	cnvd

# Exploit Title: Cisco ASA 8.X Authentication Bypass
# Date: 17-08-2016
# Exploit Author: Equation Group
# Vendor Homepage: Cisco
# Software Link: Cisco
# Version: Cisco ASA 8.X
# Tested on: Cisco ASA 8.4.2
# CVE : Not sure
 
Requirements:
* SNMP read (public) string
* Access to SNMP service
* SSH port accessible
 
 
Full Exploit:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip

#  0day.today [2018-01-04]  #

18 Aug 2016 00:00Current

8.9High risk

Vulners AI Score8.9

EPSS0.90783