NASLDB: Cisco AnyConnect Secure Mobility Client VPN Downgrade
General
ID: 59819
Name: Cisco AnyConnect Secure Mobility Client VPN Downgrade
Summary: Checks version of Cisco AnyConnect Client
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C
Port: –
Family: Windows
Type: Local
Description
The remote host has a version of Cisco AnyConnect < 2.5 MR6 / 3.0 MR8.
Such versions are potentially affected by a software downgrade
vulnerability. The WebLaunch VPN downloader implementation does not
compare timestamps of offered software to install with currently
installed software, which may allow remote attackers to downgrade the
software via ActiveX or Java components.
Exploiting
Exploit Available: False
Exploitability Ease: No known exploits are available
Sources
CVE: CVE-2012-2494
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/06/20
Patch Release: 2012/06/20
Plugin Release: 2012/07/02
Plugin
Version: 1.4
Filename: cisco_anyconnect_vpn_downgrade.nasl
Filesize: 3621 bytes
MD5 Hash: 25db6412b93119dc558a2eb66e808e86
Identification: SMB/transport
Require Keys: SMB/cisco_anyconnect/Installed
Dependencies: ‘cisco_anyconnect_vpn_installed.nasl’
Copyright: This script is Copyright © 2012 Tenable Network Security, Inc.