Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2736

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2008-2736
Last Modified 29 Oct 2012 11:12:36
Published 04 Sep 2008 12:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2736

Summary

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.

Vulnerable Systems


References

SECTRACK - 1020813

CISCO - 20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

CONFIRM - http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html

XF - cisco-asa-clientlessvpn-info-disclosure(44870)

BID - 30998

CISCO - 20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

SECUNIA - 31730


Last Updated: 27 May 2016 10:49:44