CVE-2008-2736

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) 5500 devices version 8.0(3)15 Cisco Adaptive Security Appliance (ASA) 5500 devices version 8.0(3)16 Cisco Adaptive Security Appliance (ASA) 5500 devices version 8.1(1)4 Cisco Adaptive Security Appliance (ASA) 5500 devices version 8.1(1)5

Description The issue allows remote attackers to obtain usernames and passwords via unknown vectors when the device is configured as a clientless SSL VPN endpoint. Multiple vulnerabilities may result in a reload of the device or disclosure of confidential information.

Recommendations For version 8.0(3)15, update to a fixed version to prevent remote attackers from obtaining usernames and passwords. For version 8.0(3)16, update to a fixed version to prevent remote attackers from obtaining usernames and passwords. For version 8.1(1)4, update to a fixed version to prevent remote attackers from obtaining usernames and passwords. For version 8.1(1)5, update to a fixed version to prevent remote attackers from obtaining usernames and passwords.