---------------------------------------------------------------------- Secunia is pleased to announce the release of the annual Secunia report for 2008. Highlights from the 2008 report: * Vulnerability Research * Software Inspection Results * Secunia Research Highlights * Secunia Advisory Statistics Request the full 2008 Report here: http://secunia.com/advisories/try_vi/request_2008_report/ Stay Secure, Secunia ---------------------------------------------------------------------- TITLE: Cisco ASA and PIX Multiple Vulnerabilities SECUNIA ADVISORY ID: SA34607 VERIFY ADVISORY: http://secunia.com/advisories/34607/ DESCRIPTION: Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service). 1) An unspecified error exists in the Cisco ASA and Cisco PIX security appliances, which can be exploited to bypass authentication when the "override account" feature is enabled. This vulnerability is reported in Cisco ASA and PIX software versions 7.1, 7.2, 8.0, and 8.1. 2) An unspecified error in the processing of HTTP packets can be exploited to cause a reload by sending a specially crafted SSL or HTTP packet to a Cisco ASA device that is configured to terminate SSL VPN connections or to an interface where ASDM access is enabled. This vulnerability is reported in Cisco ASA software versions 8.0 and 8.1. 3) A memory leak in the processing of TCP packets can be exploited to cause a DoS by sending specially crafted TCP packets to a TCP-based service on an affected device. This vulnerability is reported in Cisco ASA and Cisco PIX security appliances running versions 7.0, 7.1, 7.2, 8.0, and 8.1 with any of the following features enabled. * SSL VPNs * ASDM Administrative Access * Telnet Access * SSH Access * Cisco Tunneling Control Protocol (cTCP) for Remote Access VPNs * Virtual Telnet * Virtual HTTP * Transport Layer Security (TLS) Proxy for Encrypted Voice Inspection * Cut-Through Proxy for Network Access * TCP Intercept 4) An unspecified error in the H.323 inspection can be exploited to cause a reload of an affected device via specially crafted H.323 packets. This vulnerability is reported in Cisco ASA and Cisco PIX software versions 7.0, 7.1, 7.2, 8.0, and 8.1. 5) An unspecified error in the SQL*Net inspection can be exploited to cause a reload of an affected device via specially crafted SQL*Net packets. This vulnerability is reported in Cisco ASA and Cisco PIX software versions 7.2, 8.0, and 8.1. 6) An unspecified error can be exploited to bypass the implicit deny behavior when handling Access Control Lists. This vulnerability is reported in Cisco ASA and Cisco PIX software versions 7.0, 7.1, 7.2, and 8.0. SOLUTION: Update to the fixed versions (please see the vendor advisory for patch information). PROVIDED AND/OR DISCOVERED BY: 3) The vendor credits Gregory W. MacPherson and Robert J. Combo from Verizon Business. 6) The vendor credits Jon Ramsey, Jeff Jarmoc, and Fernando Medrano from SecureWorks. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml OTHER REFERENCES: http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a0080a99518.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------