Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-6366

Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.

Published

2016-08-18T18:59:00.117

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

6.8

Impact Score

10.0

Weaknesses

Type: Primary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	pix_firewall_software	-	Yes
Hardware	cisco	pix_firewall_501	-	No
Hardware	cisco	pix_firewall_506	-	No
Hardware	cisco	pix_firewall_506e	-	No
Hardware	cisco	pix_firewall_515	-	No
Hardware	cisco	pix_firewall_515e	-	No
Hardware	cisco	pix_firewall_520	-	No
Hardware	cisco	pix_firewall_525	-	No
Hardware	cisco	pix_firewall_535	-	No
Operating System	cisco	adaptive_security_appliance_software	< 9.0.4.40	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.1.7\(9\)	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.2.4\(14\)	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.3.3\(10\)	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.4.3\(8\)	Yes
Operating System	cisco	adaptive_security_appliance_software	≤ 9.5\(3\)	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.6.1\(11\)	Yes
Hardware	cisco	7604	-	No
Hardware	cisco	7606-s	-	No
Hardware	cisco	7609-s	-	No
Hardware	cisco	7613-s	-	No
Hardware	cisco	asa_5500	-	No
Hardware	cisco	asa_5500-x	-	No
Hardware	cisco	asa_5500_csc-ssm	-	No
Hardware	cisco	asa_5505	-	No
Hardware	cisco	asa_5506-x	-	No
Hardware	cisco	asa_5506h-x	-	No
Hardware	cisco	asa_5506w-x	-	No
Hardware	cisco	asa_5508-x	-	No
Hardware	cisco	asa_5510	-	No
Hardware	cisco	asa_5512-x	-	No
Hardware	cisco	asa_5515-x	-	No
Hardware	cisco	asa_5516-x	-	No
Hardware	cisco	asa_5520	-	No
Hardware	cisco	asa_5525-x	-	No
Hardware	cisco	asa_5540	-	No
Hardware	cisco	asa_5545-x	-	No
Hardware	cisco	asa_5550	-	No
Hardware	cisco	asa_5555-x	-	No
Hardware	cisco	asa_5580	-	No
Hardware	cisco	asa_5585-x	-	No
Hardware	cisco	catalyst_6500	-	No
Hardware	cisco	catalyst_6500-e	-	No
Hardware	cisco	catalyst_6503-e	-	No
Hardware	cisco	catalyst_6504-e	-	No
Hardware	cisco	catalyst_6506-e	-	No
Hardware	cisco	catalyst_6509-e	-	No
Hardware	cisco	catalyst_6509-neb-a	-	No
Hardware	cisco	catalyst_6509-v-e	-	No
Hardware	cisco	catalyst_6513	-	No
Hardware	cisco	catalyst_6513-e	-	No
Operating System	cisco	asa_1000v_cloud_firewall_software	8.7.1	Yes
Operating System	cisco	asa_1000v_cloud_firewall_software	8.7.1.1	Yes

References

http://blogs.cisco.com/security/shadow-brokers Exploit, Press/Media Coverage, Vendor Advisory ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp Vendor Advisory ([email protected])
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/92521 Broken Link, Not Applicable, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1036637 Broken Link, Third Party Advisory, VDB Entry ([email protected])
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip Broken Link, Exploit ([email protected])
https://www.exploit-db.com/exploits/40258/ Third Party Advisory, VDB Entry ([email protected])
https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html Exploit, Technical Description ([email protected])
http://blogs.cisco.com/security/shadow-brokers Exploit, Press/Media Coverage, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/92521 Broken Link, Not Applicable, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1036637 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip Broken Link, Exploit (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/40258/ Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.html Exploit, Technical Description (af854a3a-2127-422b-91ae-364da2661108)