CertCities.com -- The Ultimate Site for Certified IT Professionals
Cisco's ASA, PIX Vulnerable


5/7/2007 -- Cisco Systems Inc. last week alerted customers to a number of new vulnerabilities in its Adaptive Security Appliance (ASA) and PIX security appliances.

Under certain circumstances, Cisco conceded, an attacker could exploit the most serious of these flaws to bypass LDAP authentication mechanisms and gain access to network resources -- or to the appliance itself.

In a security advisory published on its Web site, Cisco acknowledged that its ASA and PIX appliances are vulnerable to two LDAP authentication bypass vulnerabilities along with a pair of denial-of-service (DoS) flaws. The networking giant released software updates to patch all four flaws.

The first LDAP vulnerability concerns L2TP over IPsec. Devices that terminate L2TP-over-IPsec tunnels and authenticate those sessions against LDAP using CHAP, MS-CHAPv1 or MS-CHAPv2 are exposed to an authentication bypass, Cisco said. Devices that pair LDAP authentication with PAP are not affected.

The second LDAP flaw is a remote-management bypass. ASA and PIX devices that authenticate management sessions (Telnet, SSH and HTTP) against LDAP AAA servers may be vulnerable to an authentication bypass. Two conditions limit exposure: an administrator must have explicitly configured the device to accept remote management sessions, and such access is typically restricted to a predefined range of source IP addresses in the device's configuration.

In either case, Cisco acknowledged, an attacker who successfully exploits these vulnerabilities could gain access to the internal network or to the device itself.

The DoS vulnerabilities take the form of a password-expiration exploit and an SSL VPN exploit. The former affects ASA and PIX devices that terminate VPN connections: if an administrator has configured password expiry for a VPN tunnel group, Cisco warned, an attacker could force the device to reload. To exploit this against IPsec VPN connections, an attacker would need the correct group name and group password; against SSL VPN connections, no such information is required.

Finally, Cisco said ASAs using clientless SSL VPNs are vulnerable to potential DoS via their SSL VPN HTTP servers. In this case, too, an attacker could force the reloading of the device, Cisco indicated. --Stephen Swoyer
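An added configuration-audit example, not from the article or from Cisco's advisory, that reads an ASA/PIX running-config and flags the three conditions the advisory ties to these flaws: L2TP/IPsec tunnel groups that authenticate against an LDAP server group with CHAP or MS-CHAP (PAP is excluded), management protocols (SSH, Telnet, HTTP) authenticated against an LDAP group together with whether their source ranges are restricted, and tunnel groups with password-management enabled. Command syntax follows ASA 7.x; the sample configuration and the server-group and tunnel-group names are constructed for illustration, and only explicitly configured PPP authentication methods are considered (platform defaults are not modelled).

```python
"""Audit an ASA/PIX running-config for the conditions behind Cisco's
2007 LDAP-bypass and password-expiry advisories.  Added example, not
Cisco's code; names and config text below are constructed."""
import re

LDAP_PPP_METHODS = {"chap", "ms-chap-v1", "ms-chap-v2"}  # PAP is not affected
MGMT_PROTOCOLS = ("ssh", "telnet", "http")
DOTTED = r"(\d+\.\d+\.\d+\.\d+)"

# Constructed sample running-config (hypothetical device, ASA 7.x syntax).
SAMPLE_CONFIG = """\
aaa-server LDAP-SRV protocol ldap
aaa-server LDAP-SRV (inside) host 10.1.1.5
 ldap-base-dn dc=example,dc=com
aaa-server RADIUS-SRV protocol radius
aaa authentication ssh console LDAP-SRV LOCAL
aaa authentication http console RADIUS-SRV
ssh 10.1.1.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
tunnel-group L2TP-RA type remote-access
tunnel-group L2TP-RA general-attributes
 authentication-server-group LDAP-SRV
 password-management
tunnel-group L2TP-RA ppp-attributes
 no authentication chap
 authentication ms-chap-v2
tunnel-group PAP-ONLY general-attributes
 authentication-server-group LDAP-SRV
tunnel-group PAP-ONLY ppp-attributes
 authentication pap
"""


def ldap_server_groups(cfg):
    """Names of aaa-server groups whose protocol is LDAP."""
    return set(re.findall(r"^aaa-server (\S+) protocol ldap\s*$", cfg, re.M))


def parse_tunnel_groups(cfg):
    """Per-tunnel-group auth server, password-management flag and PPP methods.
    Sub-commands are the indented lines following a tunnel-group header."""
    groups, current = {}, None
    for raw in cfg.splitlines():
        m = re.match(r"^tunnel-group (\S+) (general-attributes|ppp-attributes)$", raw)
        if m:
            current = m.groups()
            groups.setdefault(current[0], {"auth_group": None,
                                           "password_management": False,
                                           "ppp_auth": set()})
            continue
        if not raw.startswith(" "):      # any non-indented line ends the block
            current = None
            continue
        if current is None:
            continue
        name, section = current
        g, line = groups[name], raw.strip()
        if section == "general-attributes":
            if line.startswith("authentication-server-group "):
                toks = [t for t in line.split()[1:] if not t.startswith("(")]
                g["auth_group"] = toks[0] if toks else None
            elif line.split()[0] == "password-management":
                g["password_management"] = True
        else:  # ppp-attributes: "authentication X" enables, "no authentication X" disables
            m = re.match(r"^(no )?authentication (\S+)$", line)
            if m:
                (g["ppp_auth"].discard if m.group(1) else g["ppp_auth"].add)(m.group(2))
    return groups


def management_ldap_findings(cfg, ldap_groups):
    """Management protocols authenticated against LDAP, with source-range status."""
    findings = []
    for proto in MGMT_PROTOCOLS:
        m = re.search(r"^aaa authentication %s console (\S+)" % proto, cfg, re.M)
        if not m or m.group(1) not in ldap_groups:
            continue
        # "<proto> <ip> <mask> <interface>" lines define permitted source ranges
        acl = re.findall(r"^%s %s %s (\S+)\s*$" % (proto, DOTTED, DOTTED), cfg, re.M)
        if not acl:
            detail = "no access lines"
        elif any(ip == "0.0.0.0" and mask == "0.0.0.0" for ip, mask, _ in acl):
            detail = "unrestricted"
        else:
            detail = "restricted to %d source range(s)" % len(acl)
        findings.append(("mgmt-ldap-bypass", proto, detail))
    return findings


def audit(cfg):
    """Return (kind, subject, detail) findings for the advisory's conditions."""
    ldap = ldap_server_groups(cfg)
    findings = management_ldap_findings(cfg, ldap)
    for name, g in parse_tunnel_groups(cfg).items():
        weak = g["ppp_auth"] & LDAP_PPP_METHODS
        if g["auth_group"] in ldap and weak:
            findings.append(("l2tp-ldap-bypass", name, ",".join(sorted(weak))))
        if g["password_management"]:
            findings.append(("password-expiry-dos", name, "password-management enabled"))
    return findings


if __name__ == "__main__":
    for kind, subject, detail in audit(SAMPLE_CONFIG):
        print(f"{kind:22} {subject:10} {detail}")
```

On the sample, the SSH management path and the L2TP-RA tunnel group are flagged (the latter twice: MS-CHAPv2 against LDAP, and password-management), while PAP-ONLY is not, matching the advisory's PAP exception. The HTTP path is open to 0.0.0.0/0 but authenticates against RADIUS, so it is outside the LDAP conditions; the script reports such an unrestricted range only when the protocol also uses LDAP.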
