 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.807093 |
| Category: | CISCO |
| Title: | Cisco ASA Non-DCERPC Traffic Bypass Vulnerability (cisco-sa-20160111-asa) |
| Summary: | Cisco ASA Software is prone to traffic bypass vulnerability. |
| Description: | Summary: Cisco ASA Software is prone to traffic bypass vulnerability. Vulnerability Insight: The flaw is due to an internal access control list (ACL), which is used to allow DCERPC traffic but is incorrectly programmed to allow all traffic types and not restricted to DCERPC TCP port 135. Vulnerability Impact: Successful exploitation allows the attacker to access hosts that should normally be restricted through the ASA. Solution: See the referenced vendor advisory for a solution. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2015-6423 Cisco Security Advisory: 20160111 Cisco Adaptive Security Appliance Non-DCERPC Traffic Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asa http://www.securitytracker.com/id/1034644 |
| Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |