English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.106183
Kategorie:CISCO
Titel:Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability (cisco-sa-20160817-asa-snmp)
Zusammenfassung:A vulnerability in the Simple Network Management Protocol; (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated,; remote attacker to cause a reload of the affected system or to remotely execute code.
Beschreibung:Summary:
A vulnerability in the Simple Network Management Protocol
(SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated,
remote attacker to cause a reload of the affected system or to remotely execute code.

Vulnerability Insight:
The vulnerability is due to a buffer overflow in the affected
code area. An attacker could exploit this vulnerability by sending crafted SNMP packets to the
affected system. An exploit could allow the attacker to execute arbitrary code and obtain full
control of the system or to cause a reload of the affected system. The attacker must know the
SNMP community string to exploit this vulnerability.

Note: Only traffic directed to the affected system can be used to exploit this vulnerability.
This vulnerability affects systems configured in routed and transparent firewall mode only and in
single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. The
attacker requires knowledge of the configured SNMP community string in SNMP version 1 and SNMP
version 2c or a valid username and password for SNMP version 3.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
8.5

CVSS Vector:
AV:N/AC:M/Au:S/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-6366
BugTraq ID: 92521
http://www.securityfocus.com/bid/92521
Cisco Security Advisory: 20160817 Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
https://www.exploit-db.com/exploits/40258/
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip
https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html
http://www.securitytracker.com/id/1036637
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.