Cisco releases three Security Advisories to address vulnerabilities in multiple products

Cisco has released three security advisories: cisco-sa-20120314-asa, cisco-sa-20120314-fwsm, and cisco-sa-20120314-asaclient to address vulnerabilities affecting the following products:
  • Cisco ASA 5500 Series Adaptive Security Appliances (ASA)
  • Cisco Catalyst 6500 Series ASA Services Module (ASASM)
  • Cisco Catalyst 6500 Series Firewall Services Module (FWSM)
  • Cisco Adaptive Security Appliance Software 7.1 and 7.2
  • Cisco Adaptive Security Appliance Software 8.0, 8.1, 8.2, 8.3, 8.4, 8.6

These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

Cisco recommends that users and administrators review the following security advisories and apply any necessary updates to help mitigate the risks.

1. Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module.
Free software updates that address these vulnerabilities, and workarounds that mitigate some of them, are available at the following link:

Summary
Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) are affected by the following vulnerabilities:
  • Cisco ASA UDP Inspection Engine Denial of Service Vulnerability
  • Cisco ASA Threat Detection Denial of Service Vulnerability
  • Cisco ASA Syslog Message 305006 Denial of Service Vulnerability
  • Protocol Independent Multicast Denial of Service Vulnerability

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

2. Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability.
Free software updates that address this vulnerability are available at the following link:

Note: There are no workarounds available that mitigate this vulnerability.

Summary
The Cisco Catalyst 6500 Series Firewall Services Module (FWSM) contains a Protocol Independent Multicast (PIM) Denial of Service Vulnerability.

3. Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability.
Free software updates that address this vulnerability and workarounds that mitigate this vulnerability are available at the following link:

Summary
The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser.

The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices.

Source: US-CERT
