![]() ![]() The Cisco PSIRT has assigned this bug the following CVSS version 2 score. An exploit could allow the attacker to reload the affected system and create a denial of service condition. ![]() An attacker could exploit this vulnerability by accessing crafted URL Permit intra-interface and management-access commands are configured. The vulnerability is due to a stack overflow while browsing internal resources via the Clientless SSL VPN portal when the same-security-traffic The we can see the acl is working be looking at the hit count as seen here (show access-list):Īccess-list deny_pub_priv line 1 webtype deny url (hitcnt=3)Ī vulnerability in Clientless SSL VPN feature of Cisco ASA Software could allow an authenticated, remote attacker to cause the reload of an Now when you browse to that address you get a message that states ?access to this recourse has been denied? and NO crash! There is a workaround using a webvpn filter to block the clientless users from accessing https on the inside interface:Īccess-list deny_pub_priv webtype deny url (where 93.124.22.2 is the asa private ip address) same-security-traffic permit intra-interface and management-access commands are configured Webvpn is enabled on more then one interface ![]() ASA reload with traceback in Unicorn Proxy ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |