Vulnerabilities > CVE-2016-6367 - Unspecified vulnerability in Cisco Adaptive Security Appliance Software
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA.
Vulnerable Configurations
Exploit-Db
description | Cisco ASA / PIX - Privilege Escalation (EPICBANANA). CVE-2016-6367. Local exploit for Hardware platform |
file | exploits/hardware/local/40271.txt |
id | EDB-ID:40271 |
last seen | 2016-08-19 |
modified | 2016-08-19 |
platform | hardware |
port | |
published | 2016-08-19 |
reporter | Shadow Brokers |
title | Cisco ASA / PIX - Privilege Escalation (EPICBANANA) |
type | local |
Nessus
NASL family | CISCO |
NASL id | CISCO-SA-20160817-ASA-CLI.NASL |
description | The Cisco Adaptive Security Appliance (ASA) is missing a vendor-supplied security patch. It is, therefore, affected by a flaw in the command-line interface (CLI) parser related to processing invalid commands. An authenticated, local attacker can exploit this, via certain invalid commands, to cause a denial of service condition or the execution of arbitrary code. EPICBANANA is one of multiple Equation Group vulnerabilities and exploits disclosed on 2016/08/14 by a group known as the Shadow Brokers. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 93347 |
published | 2016-09-07 |
reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/93347 |
title | Cisco ASA Software CLI Invalid Command Invocation (cisco-sa-20160817-asa-cli) (EPICBANANA) |
The Hacker News
id | THN:05BB2798ECF69CCBCACF84ECB5BF1A26 |
last seen | 2018-01-27 |
modified | 2016-08-20 |
published | 2016-08-19 |
reporter | Mohit Kumar |
source | https://thehackernews.com/2016/08/nsa-hack-exploit.html |
title | Leaked Exploits are Legit and Belong to NSA: Cisco, Fortinet and Snowden Docs Confirm |
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
- http://blogs.cisco.com/security/shadow-brokers
- http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516
- https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip
- https://www.exploit-db.com/exploits/40271/
- http://www.securityfocus.com/bid/92520
- http://www.securitytracker.com/id/1036636