Release date:
Updated on:
Affected Systems:
Cisco ASA 8.2.1 3
Cisco ASA 8.2.1
Cisco ASA 8.1.2.25
Cisco ASA 8.1.2
Cisco ASA 8.1 (2) 19
Cisco ASA 8.1 (2) 14
Cisco ASA 8.0.4.34
Cisco ASA 8.0.2 11
Cisco ASA 8.0 (4)
Cisco ASA 1, 8.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 53558
Cve id: CVE-2012-0335
The Cisco Adaptive Security Device (ASA) is a modular platform that provides Security and VPN services.
A Security vulnerability exists in pass-through proxy authentication in Cisco Adaptive Security Appliance (ASA) 8.4.3 (8), which can trick users into disclosing certain information for identity authentication.
<* Source: Cisco
Link: http://secunia.com/advisories/49139/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.cisco.com/warp/public/707/advisory.html