CVE-2016-1287 PoC — Cisco ASA Software IKEv1和IKEv2 缓冲区错误漏洞

Source

Associated Vulnerability

Title:Cisco ASA Software IKEv1和IKEv2 缓冲区错误漏洞 (CVE-2016-1287)
Description:Cisco ASA（Adaptive Security Appliances，自适应安全设备）Software是美国思科（Cisco）公司的一套防火墙和网络安全平台。该平台提供了对数据和网络资源的高度安全的访问等功能。 Cisco ASA Software的IKEv1和IKEv2实现过程中存在缓冲区溢出漏洞。远程攻击者可借助特制的UDP数据包利用该漏洞执行任意代码或造成拒绝服务（设备重载）。以下产品及版本受到影响：Cisco ASA 5500，ASA 5500-X，ASA Services Module

Description

CVE-2016-1287 vulnerability test

Readme

# killasa

Vulnerability Test for CVE-2016-1287 (Cisco ASA invalid IKE fragment length)

Negotiates IKEv2 SA with Cisco fragmentation enabled, then sends
two IKE fragments, one of which has an invalid length of 1 octet.

File Snapshot


 [4.0K]  /data/pocs/6e58fab46ab38110782aa1371095cd66773e08dd
├── [5.7K]  killasa.py
└── [ 220]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!