Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances (cisco-sa-20100217-asa)

The remote host is a Cisco Adaptive Security Appliance (ASA). The remote version of the software used on this appliance is affected by the following security flaws :

• A TCP connection exhaustion denial of service vulnerability. (CVE-2010-0149)

• Two Session Initiation Protocol (SIP) inspection denial of service vulnerabilities. (CVE-2010-0150 and CVE-2010-0569)

• A Skinny Client Control Protocol (SCCP) inspection denial of service vulnerability. (CVE-2010-0151)

• A WebVPN Datagram Transport Layer Security (DTLS) denial of service vulnerability. (CVE-2010-0565)

• A crafted TCP segment denial of service vulnerability.
  (CVE-2010-0566)

• A crafted Internet Key Exchange (IKE) message denial of service vulnerability. (CVE-2010-0567)

• An NT LAN Manager version 1 (NTLMv1) authentication bypass vulnerability. (CVE-2010-0568)

An attacker could exploit these flaws to crash the remote device, or to log into the remote VPN (when configured to use NTLMv1 authentication).