Remote Authentication Bypass in Cisco ASA and PIX Security Appliances
CVE-2010-0568

Currently unrated

Key Information:

Vendor: Cisco
Status: Asa 5500; Pix 500
Vendor: CVE Published:; 19 February 2010

Summary

A vulnerability in Cisco ASA 5500 and PIX 500 Series security appliances enables remote attackers to bypass NTLMv1 authentication by sending a crafted username. This flaw affects multiple versions of the ASA and PIX appliances, which could allow unauthorized access to sensitive resources. Organizations using affected Cisco products should review the advisory and apply necessary patches to mitigate potential risks.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/38279

vdb-entryx_refsource_BID

http://secunia.com/advisories/38618

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Feb 19, 2010
Vulnerability Reserved
Feb 10, 2010