CVE-2014-3386 - Resource Management Errors vulnerability in Cisco ASA

CVSS 7.8 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: COMPLETE
Tags: network, low complexity, cisco, CWE-399, nessus

Summary

The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399.

Common Weakness Enumeration (CWE)

Nessus

NASL family: CISCO
NASL id: CISCO-SA-20141008-ASA.NASL
description: The remote Cisco ASA device is affected by one or more of the following vulnerabilities:
- A flaw exists in the SQL*NET Inspection Engine due to improper handling of SQL REDIRECT packets. An attacker can exploit this vulnerability by sending a crafted sequence of REDIRECT packets through the affected system. This can cause the device to reload. (CVE-2014-3382)
- A flaw exists in the IKE code that can allow an unauthenticated, remote attacker to cause the device to reload. This issue is due to the improper validation of UDP packets. (CVE-2014-3383)
- A flaw exists in the IKEv2 code that can allow an unauthenticated, remote attacker to cause the device to reload. This issue is caused by the improper handling of crafted IKEv2 packets. (CVE-2014-3384)
- A flaw exists in Health and Performance Monitoring for ASDM functionality that allows an unauthenticated, remote attacker to cause the reload of the device. This issue is caused by a race condition in the operation of the HPM functionality. An attacker may be able to exploit this by sending a large number of half-open simultaneous connections to the device. (CVE-2014-3385)
- A flaw exists in the GPRS Tunneling Protocol Inspection Engine that can allow an unauthenticated, remote attacker to cause a reload of the device. This issue is caused by improper handling of GTP packets when sent in a specific sequence. (CVE-2014-3386)
- A flaw exists in the SunRPC Inspection Engine that can allow an unauthenticated, remote attacker to cause a reload of the device. This issue is caused by improper validation of specially crafted SunRPC packets. (CVE-2014-3387)
- A flaw exists in the DNS Inspection Engine that can allow an unauthenticated, remote attacker to cause a reload of the affected system. This issue is caused by the improper validation of crafted DNS packets. (CVE-2014-3388)
- A flaw exists in the VPN failover component that can allow an authenticated, remote attacker to send configuration commands to the standby units. This is caused by an improper implementation of the internal filter for packets coming from an established VPN tunnel. (CVE-2014-3389)
- A flaw exists in the VNMC component that allows an authenticated, local attacker to access the underlying operating system as the root user. This issue is caused by the improper sanitization of user-supplied input. (CVE-2014-3390)
- A flaw exists in the function that exports environmental variables that allows an authenticated, local attacker to inject arbitrary commands. (CVE-2014-3391)
- A flaw exists in the Clientless SSL VPN Portal feature that allows an unauthenticated, remote attacker to access arbitrary memory. This issue is caused by the improper sanitization of user-supplied input. (CVE-2014-3392)
- A flaw exists in the Clientless SSL VPN Portal customization framework that allows an unauthenticated, remote attacker to modify the content of the portal interface. This can lead to the compromise of user credentials, cross-site scripting attacks, and other types of web attacks on the client using the system. This is caused by the improper implementation of authentication checks. (CVE-2014-3393)
- A flaw exists in the Smart Call Home feature that allows an unauthenticated, remote attacker to bypass digital certificate validation if any feature that uses digital certificates is configured on the affected system. (CVE-2014-3394)
last seen: 2019-10-28
modified: 2014-10-10
plugin id: 78240
published: 2014-10-10
reporter: This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/78240
title: Cisco ASA Software Multiple Vulnerabilities (cisco-sa-20141008-asa)