- Jun 9, 2013
- 6,720
EXTRABACON, one of the Equation Group exploits leaked by the Shadow Brokers, can be made to work on a wider range of Cisco Adaptive Security Appliance (ASA) firewalls than previously reported.
We successfully ported EXTRABACON to ASA 9.2(4) #ShadowBrokers #Ciscopic.twitter.com/UPG6yq9Km2
— SilentSignal (@SilentSignalHU) August 23, 2016
The leaked exploit of the zero-day buffer overflow vulnerability (CVE-2016-6366) in the SNMP code of the Cisco ASA, Cisco PIX, and Cisco Firewall Services Module can compromise versions 8.4.(4) and earlier of the ASA firewalls, but researchers from Hungarian pentesting firm SilentSignal have managed to modify it so that it can also work on ASA 9.2.(4).
Cisco did say in its initial security advisory that all Cisco ASA software releases are affected by the flaw, and Omar Santos, the Principal Engineer in the Cisco Product Security Incident Response Team, tested the original exploit against a Cisco ASA 5506 running version 9.4(1), causing the ASA to crash.
Full Article. Leaked EXTRABACON exploit can work on newer Cisco ASA firewalls - Help Net Security
We successfully ported EXTRABACON to ASA 9.2(4) #ShadowBrokers #Ciscopic.twitter.com/UPG6yq9Km2
— SilentSignal (@SilentSignalHU) August 23, 2016
The leaked exploit of the zero-day buffer overflow vulnerability (CVE-2016-6366) in the SNMP code of the Cisco ASA, Cisco PIX, and Cisco Firewall Services Module can compromise versions 8.4.(4) and earlier of the ASA firewalls, but researchers from Hungarian pentesting firm SilentSignal have managed to modify it so that it can also work on ASA 9.2.(4).
Cisco did say in its initial security advisory that all Cisco ASA software releases are affected by the flaw, and Omar Santos, the Principal Engineer in the Cisco Product Security Incident Response Team, tested the original exploit against a Cisco ASA 5506 running version 9.4(1), causing the ASA to crash.
Full Article. Leaked EXTRABACON exploit can work on newer Cisco ASA firewalls - Help Net Security
