Cisco Adaptive Security Appliance (ASA) IDFW Security Vulnerability

Release date:
Updated on:

Affected Systems:
Cisco ASA <9.1 (. 3)
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-0653, CVE-2014-0655

The Cisco ASA 5500 Series Adaptive Security Device is a modular platform for providing security and VPN services. It provides firewall, IPS, anti-X, and VPN services.

A Security vulnerability exists in the implementation of Cisco Adaptive Security Appliance (ASA) 9.1 (. 3) and can cause unauthorized database operations after successful exploitation.

The CVE-2014-0655 vulnerability is caused by an error in the Identity Firewall (IDFW) RADIUS Change of Authorization (CoA) message, which modifies the content cached by the idfw user through a replay attack;

The CVE-2014-0653 vulnerability is caused by an error in the NetBIOS deregister probe function in the Identity Firewall (IDFW) function, which can be exploited to authorize the user.

<* Source: vendor

Link: http://secunia.com/advisories/56366/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://www.cisco.com/go/psirt

Cisco (cscuj000032, cscuj000040 ):
Http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653
Http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655
Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 32362
Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 32363