var-200511-0298
Vulnerability from variot
Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), and 7.0(4), when running with an Active/Standby configuration and when the failover LAN interface fails, allows remote attackers to cause a denial of service (standby firewall failure) by sending spoofed ARP responses from an IP address of an active firewall, which prevents the standby firewall from becoming active, aka "failover denial of service.". Cisco Adaptive Security Appliances are prone to a weakness that may cause a denial of service condition in certain circumstances. This issue is due to insufficient validation of ARP responses. This issue reportedly affects Cisco ASA devices running 7.0(0), 7.0(2), and 7.0(4). Other versions may also be affected. The Cisco ASA Series Adaptive Security Appliances are Cisco's purpose-designed solutions that combine the highest security and VPN services with a new Adaptive Identification and Defense (AIM) architecture. Whether the firewall is alive, but not authenticating the response to the request.
The weakness is caused due to the ASA failover testing algorithm failing to properly identify that the active firewall has failed. This can be exploited to prevent the standby firewall from activating via spoofed ARP responses. The failover may also fail to happen if there is another device with the same IP address as the active firewall on the same network subnet.
The weakness has been reported in ASA running 7.0(0), 7.0(2), and 7.0(4).
SOLUTION: The vendor recommends that port security should be configured for all switch ports in the same VLANs as the active and standby firewalls enabled interfaces to prevent an attacker from spoofing the active firewall's interface MAC address.
The firewall log should also be monitored for any IP address collisions.
PROVIDED AND/OR DISCOVERED BY: Amin Tora, ePlus Security Team.
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200511-0298",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(4\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(2\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(0\\)"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0\\(4\\)"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0\\(0\\)"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0\\(2\\)"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(4)"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(2)"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(0)"
}
],
"sources": [
{
"db": "BID",
"id": "15407"
},
{
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3788"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Amin Tora atora@EPLUS.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3788",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "VHN-14996",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CVE-2005-3788",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3788",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200511-369",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-14996",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2005-3788",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14996"
},
{
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), and 7.0(4), when running with an Active/Standby configuration and when the failover LAN interface fails, allows remote attackers to cause a denial of service (standby firewall failure) by sending spoofed ARP responses from an IP address of an active firewall, which prevents the standby firewall from becoming active, aka \"failover denial of service.\". Cisco Adaptive Security Appliances are prone to a weakness that may cause a denial of service condition in certain circumstances. This issue is due to insufficient validation of ARP responses. \nThis issue reportedly affects Cisco ASA devices running 7.0(0), 7.0(2), and 7.0(4). Other versions may also be affected. The Cisco ASA Series Adaptive Security Appliances are Cisco\u0027s purpose-designed solutions that combine the highest security and VPN services with a new Adaptive Identification and Defense (AIM) architecture. Whether the firewall is alive, but not authenticating the response to the request. \r\n\r\nThe weakness is caused due to the ASA failover testing algorithm\nfailing to properly identify that the active firewall has failed. This can be exploited to prevent\nthe standby firewall from activating via spoofed ARP responses. The\nfailover may also fail to happen if there is another device with the\nsame IP address as the active firewall on the same network subnet. \r\n\r\nThe weakness has been reported in ASA running 7.0(0), 7.0(2), and\n7.0(4). \n\nSOLUTION:\nThe vendor recommends that port security should be configured for all\nswitch ports in the same VLANs as the active and standby firewalls\nenabled interfaces to prevent an attacker from spoofing the active\nfirewall\u0027s interface MAC address. \r\n\r\nThe firewall log should also be monitored for any IP address\ncollisions. \n\nPROVIDED AND/OR DISCOVERED BY:\nAmin Tora, ePlus Security Team. \n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"db": "BID",
"id": "15407"
},
{
"db": "VULHUB",
"id": "VHN-14996"
},
{
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"db": "PACKETSTORM",
"id": "41564"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "15407",
"trust": 2.1
},
{
"db": "SECUNIA",
"id": "17550",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1015205",
"trust": 1.8
},
{
"db": "SREASON",
"id": "178",
"trust": 1.8
},
{
"db": "NVD",
"id": "CVE-2005-3788",
"trust": 1.8
},
{
"db": "CNNVD",
"id": "CNNVD-200511-369",
"trust": 0.7
},
{
"db": "XF",
"id": "23160",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051114 RE: [ADVISORY] CISCO ASA FAILOVER DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051114 [ADVISORY] CISCO ASA FAILOVER DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-14996",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2005-3788",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "41564",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14996"
},
{
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"db": "BID",
"id": "15407"
},
{
"db": "PACKETSTORM",
"id": "41564"
},
{
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"id": "VAR-200511-0298",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14996"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:13:27.512000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3788"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://secunia.com/advisories/17550/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/15407"
},
{
"trust": 1.8,
"url": "http://securitytracker.com/id?1015205"
},
{
"trust": 1.8,
"url": "http://securityreason.com/securityalert/178"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23160"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=113201784415859\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=113199814008230\u0026w=2"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/23160"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=113201784415859\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=113199814008230\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/ps6120/index.html"
},
{
"trust": 0.3,
"url": "/archive/1/416544"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=113201784415859\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=113199814008230\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6102/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6115/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14996"
},
{
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"db": "BID",
"id": "15407"
},
{
"db": "PACKETSTORM",
"id": "41564"
},
{
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14996"
},
{
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"db": "BID",
"id": "15407"
},
{
"db": "PACKETSTORM",
"id": "41564"
},
{
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-24T00:00:00",
"db": "VULHUB",
"id": "VHN-14996"
},
{
"date": "2005-11-24T00:00:00",
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"date": "2005-11-14T00:00:00",
"db": "BID",
"id": "15407"
},
{
"date": "2005-11-15T18:49:25",
"db": "PACKETSTORM",
"id": "41564"
},
{
"date": "2005-11-24T11:03:00",
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"date": "2005-11-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-14996"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2005-3788"
},
{
"date": "2005-11-14T00:00:00",
"db": "BID",
"id": "15407"
},
{
"date": "2023-08-11T18:54:47.730000",
"db": "NVD",
"id": "CVE-2005-3788"
},
{
"date": "2005-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Adaptive Security Applicance Failover denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-369"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.