Posted on Aug 24, 2016
Cisco Exploit Leaked in NSA Hack Modifies to Target Latest Version of Firewalls
1.15K
2
1
2
2
0
More intrusions from the "Shadow Brokers" who managed to leverage a zero-day vulnerability in the Simple Network Messaging Protocol (SNMP) code of Cisco’s ASA software.
Cisco Exploit Leaked in NSA Hack Modifies to Target Latest Version of Firewalls
Posted from thehackernews.com
Technology
Hacking
Information Technology
Computers
Computer Networking
Posted >1 y ago
Responses: 1
0
0
0
Both vulnerabilities are mitigated by using the best business practices that have existed for a looooong time. If your company is currently vulnerable to these then I recommend getting another security engineer or administrator.
So the 1st vulnerability requires "An attacker must be authenticated to trigger this vulnerability" according to the Cisco Issues Security Advisory. The trick is to ensure that a person is authenticated before they are authorized. This happens through username and password, certificate, etc.
There are several guides out there detailing how to harden your security devices.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
The 2nd vulnerability requires "The attacker must know the SNMP community string to exploit this vulnerability"
So ensure they don't know the SNMP community string. These strings are essentially passwords. You can also limit those who are able to query SNMP packets by access list.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
So the 1st vulnerability requires "An attacker must be authenticated to trigger this vulnerability" according to the Cisco Issues Security Advisory. The trick is to ensure that a person is authenticated before they are authorized. This happens through username and password, certificate, etc.
There are several guides out there detailing how to harden your security devices.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
The 2nd vulnerability requires "The attacker must know the SNMP community string to exploit this vulnerability"
So ensure they don't know the SNMP community string. These strings are essentially passwords. You can also limit those who are able to query SNMP packets by access list.
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
Cisco Security Advisory: Cisco Adaptive Security Appliance CLI Remote Code Execution...
A vulnerability in the command-line interface (CLI) parser of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, local attacker to create a denial of service (DoS) condition or potentially execute arbitrary code. An attacker could exploit this vulnerability by invoking certain invalid commands in an affected device.Cisco has released software updates that address this vulnerability. There are no workarounds that...
(0)
(0)
Read This Next
Continue with Facebook 
Continue with Google