cnvd - cnvd-2016-00929

cnvd-2016-00929

Vulnerability from cnvd

Title: Cisco ASA Software IKE密钥交换协议缓冲区溢出漏洞

Description:

Cisco ASA是一款自适应安全设备，可提供安全和VPN服务的模块化平台，可提供防火墙、IPS、anti-X和VPN服务。

Cisco ASA Software的IKEv1及IKEv2代码中存在缓冲区溢出漏洞，未经身份验证的远程攻击者利用漏洞发送特制的UDP数据包到受影响系统，可导致系统重载或远程代码执行。

Severity: 高

Patch Name: Cisco ASA Software IKE密钥交换协议缓冲区溢出漏洞的补丁

Patch Description:

Cisco ASA是一款自适应安全设备，可提供安全和VPN服务的模块化平台，可提供防火墙、IPS、anti-X和VPN服务。

Cisco ASA Software的IKEv1及IKEv2代码中存在缓冲区溢出漏洞，未经身份验证的远程攻击者利用漏洞发送特制的UDP数据包到受影响系统，可导致系统重载或远程代码执行。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布安全公告修复该漏洞，请用户及时下载更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike

Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1287 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike

Impacted products

Name
['Cisco ASA 1000V Cloud Firewall 8.x', 'Cisco 7600 Series Routers', 'Cisco Catalyst 6500 Series Switches', 'Cisco ASA 5500 Series Adaptive Security Appliance', 'Cisco ASA 5500-X Series Next-Generation Firewalls', 'Cisco Adaptive Security Virtual Appliance (ASAv)', 'Cisco Firepower 9300 ASA Security Module', 'Cisco ISA 3000 Industrial Security Appliance']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1287"
    }
  },
  "description": "Cisco ASA\u662f\u4e00\u6b3e\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\uff0c\u53ef\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\uff0c\u53ef\u63d0\u4f9b\u9632\u706b\u5899\u3001IPS\u3001anti-X\u548cVPN\u670d\u52a1\u3002\r\n\r\nCisco ASA Software\u7684IKEv1\u53caIKEv2\u4ee3\u7801\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53d1\u9001\u7279\u5236\u7684UDP\u6570\u636e\u5305\u5230\u53d7\u5f71\u54cd\u7cfb\u7edf\uff0c\u53ef\u5bfc\u81f4\u7cfb\u7edf\u91cd\u8f7d\u6216\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002",
  "discovererName": "Cisco,David Barksdale,Jordan Gruskovnjak,Alex Wheeler",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u5b89\u5168\u516c\u544a\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u8bf7\u7528\u6237\u53ca\u65f6\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00929",
  "openTime": "2016-02-16",
  "patchDescription": "Cisco ASA\u662f\u4e00\u6b3e\u81ea\u9002\u5e94\u5b89\u5168\u8bbe\u5907\uff0c\u53ef\u63d0\u4f9b\u5b89\u5168\u548cVPN\u670d\u52a1\u7684\u6a21\u5757\u5316\u5e73\u53f0\uff0c\u53ef\u63d0\u4f9b\u9632\u706b\u5899\u3001IPS\u3001anti-X\u548cVPN\u670d\u52a1\u3002\r\n\r\nCisco ASA Software\u7684IKEv1\u53caIKEv2\u4ee3\u7801\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u53d1\u9001\u7279\u5236\u7684UDP\u6570\u636e\u5305\u5230\u53d7\u5f71\u54cd\u7cfb\u7edf\uff0c\u53ef\u5bfc\u81f4\u7cfb\u7edf\u91cd\u8f7d\u6216\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco ASA Software IKE\u5bc6\u94a5\u4ea4\u6362\u534f\u8bae\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco ASA 1000V Cloud Firewall 8.x",
      "Cisco 7600 Series Routers",
      "Cisco Catalyst 6500 Series Switches",
      "Cisco ASA 5500 Series Adaptive Security Appliance",
      "Cisco ASA 5500-X Series Next-Generation Firewalls",
      "Cisco Adaptive Security Virtual Appliance (ASAv)",
      "Cisco Firepower 9300 ASA Security Module",
      "Cisco ISA 3000 Industrial Security Appliance"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1287\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike",
  "serverity": "\u9ad8",
  "submitTime": "2016-02-10",
  "title": "Cisco ASA Software IKE\u5bc6\u94a5\u4ea4\u6362\u534f\u8bae\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2016-1287 (GCVE-0-2016-1287)

Vulnerability from cvelistv5

Published

2016-02-11 18:00

Modified

2024-08-05 22:48

Severity ?

CWE

Summary

Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.

References

▼	URL	Tags
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike	vendor-advisory, x_refsource_CISCO
	http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html	x_refsource_MISC
	http://www.securitytracker.com/id/1034997	vdb-entry, x_refsource_SECTRACK
	https://blog.exodusintel.com/2016/02/10/firewall-hacking/	x_refsource_MISC
	https://www.kb.cert.org/vuls/id/327976	third-party-advisory, x_refsource_CERT-VN
	https://www.exploit-db.com/exploits/39823/	exploit, x_refsource_EXPLOIT-DB

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:48:13.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20160210 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html"
          },
          {
            "name": "1034997",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034997"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://blog.exodusintel.com/2016/02/10/firewall-hacking/"
          },
          {
            "name": "VU#327976",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/327976"
          },
          {
            "name": "39823",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/39823/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-03T22:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20160210 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html"
        },
        {
          "name": "1034997",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034997"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://blog.exodusintel.com/2016/02/10/firewall-hacking/"
        },
        {
          "name": "VU#327976",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/327976"
        },
        {
          "name": "39823",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/39823/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1287",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160210 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike"
            },
            {
              "name": "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html"
            },
            {
              "name": "1034997",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034997"
            },
            {
              "name": "https://blog.exodusintel.com/2016/02/10/firewall-hacking/",
              "refsource": "MISC",
              "url": "https://blog.exodusintel.com/2016/02/10/firewall-hacking/"
            },
            {
              "name": "VU#327976",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/327976"
            },
            {
              "name": "39823",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/39823/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1287",
    "datePublished": "2016-02-11T18:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:48:13.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted