Main
Vulnerability Database
Exploits
ID:1012 - Exploit for Heap-based buffer overflow in Cisco Adaptive Security Appliance (ASA) - CVE-2017-3807
ID:1012 - Exploit for Heap-based buffer overflow in Cisco Adaptive Security Appliance (ASA) - CVE-2017-3807
Published: March 18, 2020
Vulnerability identifier: #VU5673
Vulnerability risk: High
CVE-ID: CVE-2017-3807
CWE-ID: CWE-119
Exploitation vector: Remote access
Vulnerable software:
Cisco Adaptive Security Appliance (ASA)
Cisco Adaptive Security Appliance (ASA)
Link to public exploit:
Vulnerability description
The vulnerability allows an authenticated remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when parsing HTTP requests within Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software. A remote authenticated attacker can send a specially crafted HTTP request to "https://<asa_ip_address>/+webvpn+/CIFS_R/" URL, trigger heap-based buffer overflow and cause denial of service or execute arbitrary code on vulnerable device.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable device.
Remediation
Install patched version:
Cisco ASA versions prior to 9.0 - migrate to 9.1(7.13) or later
Cisco ASA 9.0 - migrate to 9.1(7.13) or later
Cisco ASA 9.1 - update to 9.1(7.13) or later
Cisco ASA 9.2 - migrate to 9.4(4) or later
Cisco ASA 9.3 - migrate to 9.4(4) or later
Cisco ASA 9.4 - update to 9.4(4) or later
Cisco ASA 9.5 - migrate to 9.6(2.10) or later
Cisco ASA 9.6 - update to 9.6(2.10) or later
Cisco ASA versions prior to 9.0 - migrate to 9.1(7.13) or later
Cisco ASA 9.0 - migrate to 9.1(7.13) or later
Cisco ASA 9.1 - update to 9.1(7.13) or later
Cisco ASA 9.2 - migrate to 9.4(4) or later
Cisco ASA 9.3 - migrate to 9.4(4) or later
Cisco ASA 9.4 - update to 9.4(4) or later
Cisco ASA 9.5 - migrate to 9.6(2.10) or later
Cisco ASA 9.6 - update to 9.6(2.10) or later