漏洞类别:Cisco
漏洞等级: 
漏洞信息
A vulnerability in Internet Key Exchange version 1 code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to bypass Extended Authentication and successfully log in via IPsec remote VPN.
The vulnerability is due to improper implementation of the logic of the XAUTH code.
漏洞危害
An attacker could exploit this vulnerability by sending crafted IKEv1 packets to the affected system. An exploit could allow the attacker to bypass authentication and access the network via remote VPN.
解决方案
Refer to Cisco ASA advisory Cisco-SA-20150602-CVE-2015-0760 for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论