发布日期:2012-03-14
更新日期:2012-03-15
受影响系统:
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.x
Cisco Catalyst 6500 Series ASA Services Module 8.x
不受影响系统:
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.5(1.2)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.4(2.1)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.3(2.22)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.2(5.5)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.1(2.50)
Cisco isco ASA 5500 Series Adaptive Security Appliance 8.0(5.25)
Cisco Catalyst 6500 Series ASA Services Module 8.5(1.2)
Cisco Catalyst 6500 Series ASA Services Module 8.4(2.1)
Cisco Catalyst 6500 Series ASA Services Module 8.3(2.22)
Cisco Catalyst 6500 Series ASA Services Module 8.2(5.5)
Cisco Catalyst 6500 Series ASA Services Module 8.1(2.50)
Cisco Catalyst 6500 Series ASA Services Module 8.0(5.25)
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 52489
CVE(CAN) ID: CVE-2012-0354
Cisco ASA 5500系列自适应安全设备是用于提供安全和VPN服务的模块化平台,可提供防火墙、IPS、anti-X和VPN服务。
ASA威胁检测功能在用Cisco ASA Scanning Threat Mode功能配置后并启用了shun选项后,包含可使远程未验证攻击者触发ASA重载的漏洞。由于shun事件触发了内部漏洞,且没有正确处理导致了此漏洞。通过发送IP报文触发扫描功能的shun选项,可利用此漏洞。
建议:
--------------------------------------------------------------------------------
临时解决方法:
如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
*禁用shun选项。
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20120314-asa)以及相应补丁:
cisco-sa-20120314-asa:Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module