Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1155

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2009-1155
Last Modified 28 Apr 2009 01:39:14
Published 09 Apr 2009 11:08:35
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-1155

Summary

Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.

Vulnerable Systems


References

CISCO - 20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances

VUPEN - ADV-2009-0981

SECTRACK - 1022016

BID - 34429

SECUNIA - 34607

OSVDB - 53441


Last Updated: 27 May 2016 10:50:28