CVE-2016-6366 — HIGH (8.8) — White Hats Nepal

Q: How severe is CVE-2016-6366?

CVE-2016-6366 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2016-6366?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Pix Firewall Software, Cisco Pix Firewall 501, Cisco Pix Firewall 506, Cisco Pix Firewall 506E, Cisco Pix Firewall 515.

Vulnerability Description

Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Cisco	Pix Firewall Software	-
Cisco	Pix Firewall 501	-
Cisco	Pix Firewall 506	-
Cisco	Pix Firewall 506E	-
Cisco	Pix Firewall 515	-
Cisco	Pix Firewall 515E	-
Cisco	Pix Firewall 520	-
Cisco	Pix Firewall 525	-
Cisco	Pix Firewall 535	-
Cisco	Adaptive Security Appliance Software	>= 7.2.1, < 9.0.4.40
Cisco	7604	-
Cisco	7606-S	-
Cisco	7609-S	-
Cisco	7613-S	-
Cisco	Asa 5500	-
Cisco	Asa 5500-X	-
Cisco	Asa 5500 Csc-Ssm	-
Cisco	Asa 5505	-
Cisco	Asa 5506-X	-
Cisco	Asa 5506H-X	-

Related Weaknesses (CWE)

CWE-120

References

http://blogs.cisco.com/security/shadow-brokersExploitPress/Media CoverageVendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516Vendor Advisory
http://www.securityfocus.com/bid/92521Broken LinkNot ApplicableThird Party Advisory
http://www.securitytracker.com/id/1036637Broken LinkThird Party AdvisoryVDB Entry
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/spBroken LinkExploit
https://www.exploit-db.com/exploits/40258/Third Party AdvisoryVDB Entry
https://zerosum0x0.blogspot.com/2016/09/reverse-engineering-cisco-asa-for.htmlExploitTechnical Description
http://blogs.cisco.com/security/shadow-brokersExploitPress/Media CoverageVendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516Vendor Advisory
http://www.securityfocus.com/bid/92521Broken LinkNot ApplicableThird Party Advisory
http://www.securitytracker.com/id/1036637Broken LinkThird Party AdvisoryVDB Entry
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/spBroken LinkExploit
https://www.exploit-db.com/exploits/40258/Third Party AdvisoryVDB Entry

FAQ

What is CVE-2016-6366?

CVE-2016-6366 is a vulnerability with a CVSS score of 8.8 (HIGH). Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM dev...

How severe is CVE-2016-6366?

CVE-2016-6366 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-6366?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Pix Firewall Software, Cisco Pix Firewall 501, Cisco Pix Firewall 506, Cisco Pix Firewall 506E, Cisco Pix Firewall 515.