NASLDB: Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution
General
ID: 59820
Name: Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution
Summary: Checks version of Cisco AnyConnect Client
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: –
Family: Windows
Type: Local
Description
The remote host has a version of Cisco AnyConnect < 2.5 MR6.
Such versions are potentially affected by an arbitrary code execution
vulnerability. The WebLaunch VPN downloader implementation does not
properly validate binaries that are received, which can allow remote
attackers to execute arbitrary code via ActiveX or Java components.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2012-2493
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: 2012/06/20
Patch Release: 2012/06/20
Plugin Release: 2012/07/02
Plugin
Version: 1.5
Filename: cisco_anyconnect_vpn_downloader_code_execution.nasl
Filesize: 3661 bytes
MD5 Hash: 5a8c80e5c90348e71b4a919ea7f1c58e
Identification: SMB/transport
Require Keys: SMB/cisco_anyconnect/Installed
Dependencies: ‘cisco_anyconnect_vpn_installed.nasl’
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack