Vulnerabilities > CVE-2013-1149 - Unspecified vulnerability in Cisco products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cisco
nessus
Summary
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267.
Vulnerable Configurations
Nessus
NASL family CISCO NASL id CISCO-SA-20130410-ASA.NASL description The remote host (Cisco ASA 5500 series or 1000V Cloud Firewall) is missing a security patch. It, therefore, could be affected by the following issues : - An unspecified vulnerability in the IKE version 1 implementation. (CVE-2013-1149) - An unspecified vulnerability in the URL processing code of the authentication proxy feature. (CVE-2013-1150) - An unspecified vulnerability in the implementation to validate digital certificates. (CVE-2013-1151) - An unspecified vulnerability in the DNS inspection engine. (CVE-2013-1152) A remote, unauthenticated attacker could exploit any of these vulnerabilities to cause a device reload. last seen 2020-06-01 modified 2020-06-02 plugin id 65931 published 2013-04-11 reporter This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/65931 title Cisco ASA Multiple Vulnerabilities (cisco-sa-20130410-asa) NASL family CISCO NASL id CISCO-SA-20130410-FWSM.NASL description The remote Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers may be affected by the following vulnerabilities : - A flaw in the FWSM software could allow remote attackers to cause a denial of service (DoS) condition via a crafted IKEv1 message. (CVE-2013-1149) - The FWSM HTTP Proxy auth-proxy functionality could allow remote attackers to cause a DoS condition via a specially crafted URL. (CVE-2013-1155) last seen 2020-06-01 modified 2020-06-02 plugin id 69924 published 2013-09-17 reporter This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/69924 title Multiple Vulnerabilities in Cisco Firewall Services Module Software (cisco-sa-20130410-fwsm)