ID de Prueba:	1.3.6.1.4.1.25623.1.0.107065
Categoría:	CISCO
Título:	Cisco ASA Software Local Certificate Authority Denial of Service Vulnerability (cisco-sa-20161019-asa-ca)
Resumen:	A vulnerability in the local Certificate Authority (CA) feature; of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the; affected system.
Descripción:	Summary: A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. Vulnerability Insight: The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker could exploit this vulnerability by sending a crafted enrollment request to the affected system. Note: Only HTTPS packets directed to the Cisco ASA interface, where the local CA is allowing user enrollment, can be used to trigger this vulnerability. This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode. Vulnerability Impact: An exploit could allow the attacker to cause the reload of the affected system. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6431 BugTraq ID: 93786 http://www.securityfocus.com/bid/93786 http://www.securitytracker.com/id/1037060
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.