NASLDB: MacOSX Cisco AnyConnect Secure Mobility Client Multiple Vulnerabilities
General
ID: 59823
Name: MacOSX Cisco AnyConnect Secure Mobility Client Multiple Vulnerabilities
Summary: Checks version of Cisco AnyConnect Client
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 0
Family: MacOS X Local Security Checks
Type: Local
Description
The remote host has a version of Cisco AnyConnect < 2.5 MR6 / 3.0 MR8.
Such versions are potentially affected by multiple vulnerabilities :
– The WebLaunch VPN downloader implementation does not
properly validate binaries that are received, which can
allow remote attackers to execute arbitrary code via
ActiveX of Java components. (CVE-2012-2493).
– The WebLaunch VPN downloader implementation does not
compare timestamps of offered software to install with
currently installed software, which may allow remote
attackers to downgrade the software via ActiveX of Java
components. (CVE-2012-2494, CVE-2012-2495).
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2012-2493
OSVDB: –
Bugtraq: 54107
scipID: –
Timeline
Vulnerability Disclosure: 2012/06/20
Patch Release: 2012/06/20
Plugin Release: 2012/07/02
Plugin
Version: 1.4
Filename: macosx_cisco_anyconnect_multiple.nasl
Filesize: 4195 bytes
MD5 Hash: 7371e3cc1e76334565f35e87e2fb56b7
Identification: –
Require Keys: MacOSX/Cisco_AnyConnect/Installed
Dependencies: "macosx_cisco_anyconnect_installed.nasl"
Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.
- Letzte Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack