Security Alert (A15-04-04): Multiple Vulnerabilities in Cisco Products

Description:

Cisco has released security advisories fixing a number of vulnerabilities in Cisco security appliances, virtual appliances and services modules as listed below:

• Cisco ASA Failover Command Injection Vulnerability
• Cisco ASA DNS Memory Exhaustion Vulnerability
• Cisco ASA VPN XML Parser Denial of Service Vulnerability

There are multiple attack vectors against the affected systems or modules. An unauthenticated remote attacker could send crafted UDP packets directed to the failover interface IP address, intercept a DNS request and reply with a crafted DNS reply packet, or send a crafted XML message to an affected system configured for Clientless or AnyConnect SSL VPN, and AnyConnect IKEv2 VPN to exploit the vulnerabilities.

Affected Systems:

• Cisco ASA 1000V Cloud Firewall
• Cisco ASA 5500 Series Adaptive Security Appliances (ASA)
• Cisco ASA 5500-X Series Next-Generation Firewalls
• Cisco ASA Services Module for Catalyst 6500 Series Switches and 7600 Series Routers
• Cisco Adaptive Security Virtual Appliance (ASAv)

Impact:

A successful attack could cause a reload or DoS condition, or take full control of the affected system.

Recommendation:

Patches for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Obtaining Fixed Software" of corresponding security advisory at vendor's website.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa

More Information:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0676
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0677