Can ike-scan be used to detect the cisco asa ike buffer overflow? #17
Comments
|
Do you have the CVE number or some reference to the vulnerability> |
|
https://blog.exodusintel.com/2016/02/10/firewall-hacking/ CVE-2016-1287 I would just like to verify that the vulnerability is present somehow..... And thank you very much for checking my request !!! |
|
Thanks for the link. I think the ike-scan code could be adapted to check for this, but the current options can't generate a packet that will check this. The exploit relies on the server mishandlink IKE fragmentation, which isn't something that ike-scan does at the moment. It would be possible to add this functionality, and the IKE packet generation code is in isakmp.c. But you may find it easier to craft a packet using scapy or another packet crafting tool. If I get time I may look into this, but I don't spend a lot of time working on ike-scan nowadays. Of course, a pull request would be gratefully received :-) |
|
Thank you very much for your time to check this out. I think i maybe give isakmp.c a try.... |
|
@dimpol another packet crafting option is PacketFu - https://github.com/packetfu/packetfu (a scapy-like alternative that is supported in Metasploit) |
Hi,
Any ideas on how ike-scan can be configured to detect the cisco asa ike buffer overflow?
The text was updated successfully, but these errors were encountered: