-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2012.0604.2
    Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
                             20 September 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco AnyConnect Secure Mobility Client
Publisher:         Cisco Systems
Operating System:  Windows
                   Linux variants
                   Mac OS X
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Reduced Security                -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2012-4655 CVE-2012-2496 CVE-2012-2495
                   CVE-2012-2494 CVE-2012-2493 

Original Bulletin: 
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac

Revision History:  September 20 2012: Revision 2.0 of this advisory corrects an 
                                      inadvertent omission in the original 
                                      advisory, which failed to list that the 
                                      fixes also address a vulnerability in 
                                      Cisco Secure Desktop, described by 
                                      CVE-2012-4655.
                   June      21 2012: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect
Secure Mobility Client

Advisory ID: cisco-sa-20120620-ac

Revision 2.0

Last Updated  2012 September 19 16:01  UTC (GMT)

For Public Release 2012 June 20 16:00  UTC (GMT)

+--------------------------------------------------------------------

Summary
=======

The Cisco AnyConnect Secure Mobility Client is affected by the following
vulnerabilities:

* Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code
Execution Vulnerability

* Cisco AnyConnect Secure Mobility Client VPN Downloader Software
Downgrade Vulnerability

* Cisco AnyConnect Secure Mobility Client and Cisco Secure Desktop
Hostscan Downloader Software Downgrade Vulnerability

* Cisco AnyConnect Secure Mobility Client 64-bit Java VPN Downloader
Arbitrary Code Execution Vulnerability

* Cisco Secure Desktop Arbitrary Code Execution Vulnerability

Cisco has released free software updates that address these
vulnerabilities. Workarounds that mitigate these vulnerabilities are
available. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac


Note: Revision 2.0 of this advisory corrects an inadvertent omission in
the original advisory, which failed to list that the fixes also address
a vulnerability in Cisco Secure Desktop, described by CVE-2012-4655.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iF4EAREIAAYFAlBZ8RsACgkQUddfH3/BbTrMXAD+KzDhX4MHl8balbQ1dcfDrmeu
LwCqi3iKEPcAqHsa3sYBAI6GvgsZ99r1+5O3p7WBHGvWwcgRPQdAdSaWXznICylf
=J7RB
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----