ID

VAR-201101-0310


CVE

CVE-2010-4677


TITLE

Cisco Adaptive Security Appliances Runs on the device emWEB Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2011-001116

DESCRIPTION

emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service (daemon crash) via a request for a document whose name contains space characters, aka Bug ID CSCsy08416. Cisco Adaptive Security Appliances Runs on the device emWEB There is a service disruption (DoS) There is a vulnerability that becomes a condition. The problem is Bug ID CSCsy08416 It is a problem.Denial of service operation by a third party through a request for a document that contains a space in the file name (DoS) There is a possibility of being put into a state. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Cisco ASA 5500 Series Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42931 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42931/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42931 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42931/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42931/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42931 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious users and malicious people to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). 1) An error when handling EIGRP multicast traffic can be exploited to exhaust certain system resources. 2) An error when handling TELNET connections can be exploited to bypass certain access restrictions by connecting to the lowest security level interface. Successful exploitation of this vulnerability requires valid credentials. 3) An error when handling unspecified IPSEC traffic can be exploited to cause a device to crash via a high volume of traffic. 4) An error in emWEB when handling filename requests can be exploited to crash the daemon by requesting a filename containing white space characters. 5) An error when handling packets during device startup can be exploited to bypass configured access restrictions. 6) An error when handling Online Certificate Status Protocol (OCSP) connection failures can be exploited by OCSP responders to exhaust TCP sockets by rejecting connection attempts. 7) An error in the WebVPN implementation when handling CIFS connections can be exploited to access a share via certain CIFS requests. Successful exploitation of this vulnerability requires valid credentials and CIFS file browsing to be disabled. 8) An error within SMTP inspection can be exploited to bypass the inspection via prepended space characters. 9) An error when handling LDAP connections can be exploited to exhaust memory resources via invalid authentication attempts. 10) An error within SIP inspection can be exploited to crash a device via a high volume of calls (greater than 600). 11) An error in the Mobile User Security (MUS) service when handling HTTP requests from a Web Security Appliance (WSA) can be exploited to bypass authentication via a HEAD request. 12) An error when handling unspecified multicast traffic can be exploited to crash a device. 13) An error when handling LAN-to-LAN (L2L) IPSEC sessions can be exploited to crash a device via a high volume of sessions (greater than 10000). The vulnerabilities are reported in versions prior to 8.2(4) and 8.3(2). SOLUTION: Update to versions 8.2(4) and 8.3(2). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2010-4677 // JVNDB: JVNDB-2011-001116 // CNVD: CNVD-2011-0111 // BID: 45767 // VULHUB: VHN-47282 // PACKETSTORM: 97596

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2011-0111

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2.2

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.2.2

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.8

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1.1

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.2.1

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.5

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.6

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1.2

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.1

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.7

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.0.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0\(0\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.7\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.0.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.16\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0\(5\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.10\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1\(2.49\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.0.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0\(6.7\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(1\)

Trust: 1.0

vendor:ciscomodel:5500 series adaptive security appliancescope:eqversion:*

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1\(2\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.5\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:lteversion:8.2\(2\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.4.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1\(2.27\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.1.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.0.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.18\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.48\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1

Trust: 1.0

vendor:ciscomodel:asa 5500scope:eqversion:*

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1\(5\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.15\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0\(4\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.19\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0\(2\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1\(2.5\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0\(5.2\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.2\(1\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.8\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.1\(2.48\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.17\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(1.22\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:7.2\(2.14\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliancescope:ltversion:5500 version 8.2(3)

Trust: 0.8

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:5500<8.2(3)

Trust: 0.6

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(2.17)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(2.13)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(2.10)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(2.1)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(2)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(1.5)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(1.2)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(1.16)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(1.15)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2(1.10)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:eqversion:55008.2

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:neversion:55008.2(3)

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancescope:neversion:55008.1(2.46)

Trust: 0.3

sources: CNVD: CNVD-2011-0111 // BID: 45767 // JVNDB: JVNDB-2011-001116 // CNNVD: CNNVD-201101-037 // NVD: CVE-2010-4677

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-4677
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-4677
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201101-037
value: MEDIUM

Trust: 0.6

VULHUB: VHN-47282
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-4677
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-47282
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-47282 // JVNDB: JVNDB-2011-001116 // CNNVD: CNNVD-201101-037 // NVD: CVE-2010-4677

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-47282 // JVNDB: JVNDB-2011-001116 // NVD: CVE-2010-4677

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201101-037

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201101-037

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-001116

PATCH

title:22291url:http://tools.cisco.com/security/center/viewAlert.x?alertId=22291

Trust: 0.8

title:Release Notes for the Cisco ASA 5500 Series, Version 8.2(x)url:http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf

Trust: 0.8

title:Patch for emWEB vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series appliancesurl:https://www.cnvd.org.cn/patchInfo/show/2537

Trust: 0.6

sources: CNVD: CNVD-2011-0111 // JVNDB: JVNDB-2011-001116

EXTERNAL IDS

db:NVDid:CVE-2010-4677

Trust: 3.4

db:BIDid:45767

Trust: 2.2

db:SECUNIAid:42931

Trust: 2.0

db:SECTRACKid:1024963

Trust: 1.9

db:VUPENid:ADV-2011-0130

Trust: 0.8

db:XFid:64603

Trust: 0.8

db:JVNDBid:JVNDB-2011-001116

Trust: 0.8

db:CNNVDid:CNNVD-201101-037

Trust: 0.7

db:CNVDid:CNVD-2011-0111

Trust: 0.6

db:VULHUBid:VHN-47282

Trust: 0.1

db:PACKETSTORMid:97596

Trust: 0.1

sources: CNVD: CNVD-2011-0111 // VULHUB: VHN-47282 // BID: 45767 // JVNDB: JVNDB-2011-001116 // PACKETSTORM: 97596 // CNNVD: CNNVD-201101-037 // NVD: CVE-2010-4677

REFERENCES

url:http://www.cisco.com/en/us/docs/security/asa/asa82/release/notes/asarn82.pdf

Trust: 2.6

url:http://www.securityfocus.com/bid/45767

Trust: 1.9

url:http://www.securitytracker.com/id?1024963

Trust: 1.9

url:http://secunia.com/advisories/42931

Trust: 1.9

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/64603

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4677

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/64603

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4677

Trust: 0.8

url:http://www.vupen.com/english/advisories/2011/0130

Trust: 0.8

url:http://www.cisco.com

Trust: 0.3

url:http://secunia.com/products/corporate/evm/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42931

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/42931/

Trust: 0.1

url:http://secunia.com/advisories/42931/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/products/corporate/vim/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://www.cisco.com/en/us/docs/security/asa/asa83/release/notes/asarn83.html

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://www.cisco.com/en/us/docs/security/asa/asa82/release/notes/asarn82.html

Trust: 0.1

sources: CNVD: CNVD-2011-0111 // VULHUB: VHN-47282 // BID: 45767 // JVNDB: JVNDB-2011-001116 // PACKETSTORM: 97596 // CNNVD: CNNVD-201101-037 // NVD: CVE-2010-4677

CREDITS

Cisco

Trust: 0.3

sources: BID: 45767

SOURCES

db:CNVDid:CNVD-2011-0111
db:VULHUBid:VHN-47282
db:BIDid:45767
db:JVNDBid:JVNDB-2011-001116
db:PACKETSTORMid:97596
db:CNNVDid:CNNVD-201101-037
db:NVDid:CVE-2010-4677

LAST UPDATE DATE

2024-11-23T21:47:03.989000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2011-0111date:2011-01-12T00:00:00
db:VULHUBid:VHN-47282date:2017-08-17T00:00:00
db:BIDid:45767date:2011-01-11T00:00:00
db:JVNDBid:JVNDB-2011-001116date:2011-02-23T00:00:00
db:CNNVDid:CNNVD-201101-037date:2011-01-10T00:00:00
db:NVDid:CVE-2010-4677date:2024-11-21T01:21:29.903

SOURCES RELEASE DATE

db:CNVDid:CNVD-2011-0111date:2011-01-12T00:00:00
db:VULHUBid:VHN-47282date:2011-01-07T00:00:00
db:BIDid:45767date:2011-01-11T00:00:00
db:JVNDBid:JVNDB-2011-001116date:2011-02-23T00:00:00
db:PACKETSTORMid:97596date:2011-01-18T10:42:17
db:CNNVDid:CNNVD-201101-037date:2011-01-10T00:00:00
db:NVDid:CVE-2010-4677date:2011-01-07T12:00:50.123