Cisco 发布了三个安全公告,以应对发现于 Cisco Adaptive Security Appliance (ASA) 软件中 和 Cisco Firepower系统软件中的多个漏洞。
远程攻击者可以向受影响装置发出特制内容的NetBIOS封包、enrollment 请求或HTTP封包串流来攻击这些漏洞。
关于受影响产品的详细数据,请参阅供货商网站相关安全公告中 “Affected Products” 的部分:
01. Cisco ASA Software Identity Firewall Feature 缓冲区满溢漏洞
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw
02. Cisco ASA Software Local Certificate Authority 服务受阻断漏洞
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-ca
03. Cisco Firepower Detection Engine HTTP 服务受阻断漏洞
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort
成功利用这些漏洞可以导致执行任意程序代码、服务受阻断、装置重新启动或控制受影响的系统,视乎攻击者利用哪个漏洞而定。
适用于受影响系统的修补程序已可获取。受影响系统的用户应遵从产品供货商的建议,立即采取行动以降低风险。有关修补程序的详细数据,请参阅供货商网站的相应安全公告中有关 “Fixed Software” 的部分。
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-ca
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort
https://www.us-cert.gov/ncas/current-activity/2016/10/19/Cisco-Releases-Security-Updates
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6439