SecuritySpace - CVE-2015-0675

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-0675

Description: The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.

Test IDs: 1.3.6.1.4.1.25623.1.0.105998

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-0675
Cisco Security Advisory: 20150408 Multiple Vulnerabilities in Cisco ASA Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
http://www.securitytracker.com/id/1032045

CVE ID:	CVE-2015-0675
Description:	The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.
Test IDs:	1.3.6.1.4.1.25623.1.0.105998
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-0675 Cisco Security Advisory: 20150408 Multiple Vulnerabilities in Cisco ASA Software http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa http://www.securitytracker.com/id/1032045