Operating System:

[Cisco]

Published:

10 April 2014

Protect yourself against future threats.

//Service

Malicious URL Feed

Add this Australian-based feed to your firewall blacklist and SIEM to prevent compromises to your network.

Read more
Resources > Security Bulletins > ESB-2014.0481 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.0481
              Multiple Vulnerabilities in Cisco ASA Software
                               10 April 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Cisco Adaptive Security Appliance
Publisher:         Cisco Systems
Operating System:  Cisco
Impact/Access:     Administrator Compromise -- Existing Account      
                   Denial of Service        -- Remote/Unauthenticated
                   Unauthorised Access      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-2129 CVE-2014-2128 CVE-2014-2127
                   CVE-2014-2126  

Original Bulletin: 
   http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Multiple Vulnerabilities in Cisco ASA Software

Advisory ID: cisco-sa-20140409-asa

Revision 1.0

For Public Release 2014 April 9 16:00  UTC (GMT)

Summary
=======

  Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities:
  Cisco ASA ASDM Privilege Escalation Vulnerability
  Cisco ASA SSL VPN Privilege Escalation Vulnerability
  Cisco ASA SSL VPN Authentication Bypass Vulnerability
  Cisco ASA SIP Denial of Service Vulnerability

These vulnerabilities are independent of one another; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of the Cisco ASA ASDM Privilege Escalation Vulnerability and the Cisco ASA SSL VPN Privilege Escalation Vulnerability may allow an attacker or an unprivileged user to elevate privileges and gain administrative access to the affected system.

Successful exploitation of the Cisco ASA SSL VPN Authentication Bypass Vulnerability may allow an attacker to obtain unauthorized access to the internal network via SSL VPN.

Successful exploitation of the Cisco ASA SIP Denial of Service Vulnerability may cause the exhaustion of available memory. This may cause system instability and in some cases lead to a reload of the affected system, creating a denial of service (DoS) condition. 

Cisco has released free software updates that address these vulnerabilities. 
Workarounds that mitigate these vulnerabilities are available for some of the vulnerabilities.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa

Note: This security advisory does not provide information about the OpenSSL TLS Heartbeat Read Overrun Vulnerability identified by CVE-2014-0160 (also known as Heartbleed).  For additional information regarding Cisco products affected by this vulnerability, refer to the Cisco Security Advisory available at the following link:  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBAgAGBQJTRW5YAAoJEIpI1I6i1Mx3eL0P/0B7V5l5M5++F8QuYHbKcg85
7Rn1IAOjIWJyWHT5JgGAbNvCfYHe4eTdTvF0ijP8DErhfbxWOA3D7EegJY3dw6fo
fiKHVoxguR8F4GW4jTq8miHFu0rQ8Yke1lGJPGEN6EbNof+MzAihTnwFoh0miz/8
h8PaxUI+XRMh7DgvdWIwdItj0afmsBJ+4Un1XqDw5YuaeVGsl6sxCXgnS2WaaCkA
tJWhtXi0//piAdEKyTmRgV+vUWSCMvm3cmMjl6RaIUNvPgwcryfaLn6HxuOAEYKL
ayAabGJ2WFYJzYdbyyomccJ/5AEApFubdxXC8aQkzVqVXhypbedJCP8v+AVFZFth
s8qNGJc+4XL7F/ZrNPi7qRJy0Ll+eQJ4+wyIXSWv7uPuGDXuWctfXckfFc+DhtJL
z+wWwhsgvXjnzkO8zIqAAY9USXzoJ33U9PztLE6SnP7tuorCS5ls3RMXQylS0DRc
OYzSnRn9p44xvpBldE9TWl9oxo5eWMXyPGqo/pHzU1nBEqXZJesAr+D9PRXZvOHk
7kxIfCAE/6VASiWa4WtQ1Mb1uV99s9KKQhn0fAv5Fg/0WH2Q/9fTtcyHqB4cWXLE
9bM2c26iZGrwuYiUonHwi3bi2gNbF3TLsmxvV+W7/NihdVgJwv+jAxLahSLQ6Vji
9g1oNfty2EMETTgUmjkL
=8YEX
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBU0XtQRLndAQH1ShLAQIxPg/+Lca0bj8j2rJN5n7M5ZYHMpBHBd0i4/R8
Q0qUE5gXhYhLka4EC77IxYtzCeq/n6LJoStqYUg2X7FWaRauJQ3g0MMy1+pR6bWP
xSHRk5asx74I4NMW+Cmv+e624iOdCQQ9AwF76Ql0voTICv+nh7t9EveXV7zOAUvn
VwJNkyEYZP1JevlLBwjR2b/4X2y4neBpma6EFB8WDijBu+RJOhqS43I0Tvr7R390
rqJMmjNGLz1X+r5GGTRyJhWopBHf/p6XRt7PJsJT0mXo7P2snvl65+/xI+0TVHsL
sIRIPwJRV2h+z2an32dkZTA80jMDVvgY2uASGlCp5PJKhZS1Z8owqWFJXseVSJcO
9zPhzYI0wva5sbAuta0McqSSKfwZdSv68uf17uJXV5xLsztAlBDrf7J89oUPerqR
kqz8raf5pYvfkgxJICVB/nO0eWUYMsHj3TTV+2tVmUeAJZVYY4nfXHxx/UYQgQwa
bgKYNjyCnd7NyeZLTYpfM6gr5BpW0ZXy+blq6oU+24WtvEHfhEywnYlNER8BuNuX
QiNmQXhenXpESVufH96Vi+ZpOErvrQyRs6aXcqO5zUHBlhU+T+lXI8bYNWNCorYh
leQ5x/nhM8IgUBOEdCh+6EenjrZ6+WxqC4Bs44Q6MRIohXR5O3k6F/smyAE76r81
obzktLmiJSE=
=XHPv
-----END PGP SIGNATURE-----