Exodus Intelligence have released the proof of concept code on their GitHub page

On February, 10 2016 a vulnerability related to the Internet Key Exchange (IKE) protocol implementation of Cisco devices (CVE-2016–1287) was ufficially released.

Yesterday, the researchers who found this bug, Exodus Intel, have released the proof of concept code on their GitHub page.

Affected Products

  • Cisco ASA 5500 Series Adaptive Security Appliances
  • Cisco ASA 5500-X Series Next-Generation Firewalls
  • Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • Cisco ASA 1000V Cloud Firewall
  • Cisco Adaptive Security Virtual Appliance (ASAv)
  • Cisco Firepower 9300 ASA Security Module
  • Cisco ISA 3000 Industrial Security Appliance

Cisco has already released a software updates that address the vulnerability.

The POC

[embed]https://gist.github.com/andreafortuna/657ed351b1231bfa43ffe8a603c3fb95[/embed]

Links and resources

Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability
A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software…tools.cisco.com
Cisco ASA Software IKEv1 / IKEv2 Buffer Overflow
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepaperspacketstormsecurity.com
Exodus Intelligence
David Barksdale, Jordan Gruskovnjak, and Alex Wheeler Cisco has issued a fix to address CVE-2016-1287. The Cisco ASA…blog.exodusintel.com
exodusintel/disclosures
Contribute to disclosures development by creating an account on GitHub.github.com