===================================================================== CERT-Renater Note d'Information No. 2010/VULN236 _____________________________________________________________________ DATE : 29/06/2010 HARDWARE PLATFORM(S) : Cisco Adaptive Security Appliance. OPERATING SYSTEM(S) : CISCO ASA software versions prior to 8.1(2). ====================================================================== http://www.publicsafety.gc.ca/prg/em/ccirc/2010/av10-018-eng.aspx ______________________________________________________________________ PUBLIC SAFETY CANADA CANADIAN CYBER INCIDENT RESPONSE CENTRE ***************** ADVISORY ***************** Number: AV10-018 Date: 28 June 2010 *********************************************** Cisco ASA HTTP Response Splitting Vulnerability *********************************************** PURPOSE - ------- The purpose of this advisory is to bring attention to a vulnerability in Cisco ASA. ASSESSMENT - ------------- Cisco Adaptive Security Appliance (ASA) is vulnerable to HTTP response splitting caused by improper validation of user supplied input. A remote user can exploit this to spoof content on the target ASA appliance, attempt to poison any intermediate web caches or conduct cross-site scripting attacks. SecureWorks has scored this as high in the likelihood that it can be exploited because this device is typically at the perimeter of the network to allow remote access. The impact was also assessed at high because it could lead to stolen credentials and access to the VPN. Affected software: The vulnerability is reported in versions 8.1(1) and prior. REFERENCES - ------------- This vulnerability has been assigned the CVE identifier CVE-2008-7257. Cisco has assigned Cisco Bug ID CSCsr09163 to this vulnerability. http://securitytracker.com/alerts/2010/Jun/1024155.html http://www.secureworks.com/ctu/advisories/SWRX-2010-001/ SUGGESTED ACTION - ---------------- Cisco has released a fix to address this vulnerability. CCIRC recommends that departments liaise with the administrators/maintainers of the network service to identify affected products and assess the need to apply the appropriate updates and/or workarounds. Software version 8.1(2) addresses this security flaw. ================= Note to Readers The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================