Links
Cisco Advisories – VPN and SIP vulnerabilities
GSA Reference Number: AD080903-01
Simply Put: Cisco has announced five vulnerabilities in their Cisco ASA 5500 and PIX devices. The vulnerabilities deal with denial of service to the device or information disclosure. The denial of service issues will cause the device to reload, if exploited. For a comprehensive list of affected IOS versions, refer to the Cisco article linked below. Gladiator will be reviewing all client Cisco devices to determine what IOS version they are running. If a device is out of date, it will be updated starting this weekend.
Attack Details:
The attack details section is intended for technical review.
Erroneous SIP Processing Vulnerabilities
This is a denial of service vulnerability due to processing errors in the SIP inspection.IPSec Client Authentication Processing Vulnerability
Devices that are connected with VPN connections are vulnerable to a denial of service attack.SSL VPN Memory Leak Vulnerability
Cisco ASA devices that are hosting active SSL VPN connections are vulnerable to a denial of service attack.URI Processing Error Vulnerability in SSL VPNs
Cisco ASA devices with an SSL VPN HTTP server are vulnerable to a denial of service attack.
Potential Information Disclosure in Clientless VPNs
Cisco ASA devices that currently have SSL VPN connections are vulnerable to an information disclosure. This may allow an attacker to obtain user and group credentials if the user interacts with a rogue system.
Countermeasures: Cisco has released IOS patches for each of the vulnerabilities listed above. Gladiator will apply the appropriate updates. Do not attempt applying these updates this without assistance from your network support vendor.
Reference Links:
- Cisco Security Advisory Bundle (http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml)
- Secunia Advisory (http://secunia.com/advisories/31730/)