Vulnerabilities > CVE-2011-0394 - Resource Management Errors vulnerability in Cisco products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20110223-ASA.NASL |
| description | The remote Cisco ASA device is missing a security patch and may be affected by the following issues : - When configured for transparent firewall mode, a packet buffer exhaustion vulnerability could cause the appliance to stop forwarding traffic. (CVE-2011-0393) - When SCCP inspection is enabled, a malformed SCCP message could cause the appliance to reload. (CVE-2011-0394) - If both RIP and the Cisco Phone Proxy feature are enabled, the appliance may reload when processing valid RIP updates. (CVE-2011-0395) - When the appliance is configured as a local CA server, unauthorized users can obtain sensitive data without providing authentication. (CVE-2011-0396) |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 52586 |
| published | 2011-03-09 |
| reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/52586 |
| title | Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20110223-asa) |
| code | |
References
- http://secunia.com/advisories/43453
- http://secunia.com/advisories/43488
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml
- http://www.securityfocus.com/bid/46518
- http://www.securitytracker.com/id?1025108
- http://www.securitytracker.com/id?1025109
- http://www.vupen.com/english/advisories/2011/0493
- http://www.vupen.com/english/advisories/2011/0494
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65593
- http://secunia.com/advisories/43453
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65593
- http://www.vupen.com/english/advisories/2011/0494
- http://www.vupen.com/english/advisories/2011/0493
- http://www.securitytracker.com/id?1025109
- http://www.securitytracker.com/id?1025108
- http://www.securityfocus.com/bid/46518
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml
- http://secunia.com/advisories/43488