Cisco PIX and ASA Multiple Denial of Service, ACL Bypass, and Authentication Bypass Vulnerabilities

Cisco PIX Security Appliance and ASA 5500 Series Adaptive Security Appliance are prone to multiple denial-of-service vulnerabilities, an ACL-bypass vulnerability, and an authentication-bypass vulnerability.

Remote attackers can exploit these issues to cause an affected device to reload, to force network traffic to bypass ACL rules, or to gain unauthorized access to an affected device. Successful exploits may facilitate further attacks.

These issues are documented by the following Cisco Bug IDs:

CSCsx47543 further documents the issue tracked by CVE-2009-1155.
CSCsv52239 further documents the issue tracked by CVE-2009-1156.
CSCsy22484 further documents the issue tracked by CVE-2009-1157.
CSCsx32675 further documents the issue tracked by CVE-2009-1158.
CSCsw51809 further documents the issue tracked by CVE-2009-1159.
CSCsq91277 further documents the issue tracked by CVE-2009-1160.


 

Privacy Statement
Copyright 2010, SecurityFocus