I am referring to the vulnerability reported here:
Is this in some proprietary code specific to Cisco, or is it something in some underlying SSL/VPN library which may be used by other products also? If I am running some SSL-VPN product from a non-Cisco vendor should I be worried about this vulnerability?
CVE-2018-0101 states:
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.
No mentioning of a vulnerability in a generic library whatsoever. Also, looking at the list of affected products/models on that CVE, I don't see any equipment which is running some sort of Linux under the hood to my knowledge.
CVE 2018-0101 is completely Cisco-specific. In short; there was an issue whereby sending a certain XML packet you would cause the ASA to free a chunk of memory twice thus resulting in arbitrary behaviour. As stated in the talk this is not a bug in IKE.
Below are links to a few helpful resources surrounding this vulnerability including the talk by Cedric who discovered this with his co-workers over at NCCGroup.
If it was a opensource or common library the CVE would be attached to the library and not the Cisco projects using it.
