4 New Cisco Vulnerabilities in ASA 5500 Series Appliances
GSA Reference Number: AD111012-01
Simply Put: Cisco has released an advisory for multiple vulnerabilities in Cisco ASA 5500 devices. This advisory identifies three new denial of service vulnerabilities and one new authentication bypass vulnerability. An update from Cisco is available to address these issues and should be applied as soon as possible. Gladiator will be testing this update for compatibility and stability and will then notify affected clients if an update is necessary.
Attack Details: Cisco has identified the following vulnerabilities in its ASA 5500 series devices (from the Cisco Advisory):
- MSN Instant Messenger (IM) Inspection Denial of Service vulnerability
- TACACS+ Authentication Bypass vulnerability
- Four SunRPC Inspection Denial of Service vulnerabilities
- Internet Locator Service (ILS) Inspection Denial of Service vulnerability
Denial of service vulnerabilities are quite serious for firewalls, because a successful attack could bring down an institution’s access to the Internet. More detailed information can be found in the Cisco advisory linked below.
Countermeasures: Cisco has released an update to address these vulnerabilities. Gladiator will be testing this update for compatibility and stability and will then begin rolling it out to affected clients as soon as possible. We will review all of our monitored devices to determine if an update is required and will then notify clients, as necessary, to schedule the rollout. If you are not a Gladiator customer, we recommend that you examine all Cisco ASA devices to determine if this update is necessary. If applicable, roll out this update after hours, when users are not accessing the Internet. Cisco has listed possible workarounds in its advisory for those institutions that cannot patch their ASA systems.
Reference Links: