22 matches found
EUVD-2013-1258
Malware in sbrugna...
Cisco Adaptive Security Appliance - Path Traversal Exploit
Exploit for hardware platform in category web applications require 'msf/core' class MetasploitModule "Cisco Adaptive Security Appliance - Path Traversal", 'Description' = %q Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an...
Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover
A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request. Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to...
CVE-2018-0472
A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec...
Cisco Adaptive Security Appliance - Path Traversal Exploit
Exploit for hardware platform in category web applications ''' Cisco Adaptive Security Appliance - Path Traversal CVE-2018-0296 A security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques...
CVE-2017-12245
CVE-2017-12245 describes a memory-consumption DoS vulnerability in Cisco Firepower Threat Defense (FTD) Software’s SSL traffic decryption. Root cause: an error in how the Firepower Detection Snort Engine handles SSL traffic decryption and communicates with the ASA handler, enabling an unauthentic...
CVE-2017-6609
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...
CVE-2017-6609
CVE-2017-6609 affects Cisco ASA Software IPsec handling. The vulnerability stems from improper parsing of malformed IPsec packets in the IPsec code, requiring an authenticated, remote attacker to establish a valid IPsec tunnel and send crafted traffic to the affected system. Exploitation can caus...
CVE-2017-6607
The CVE-2017-6607 issue affects Cisco ASA Software DNS handling. A crafted DNS response can be used by an unauthenticated remote attacker to cause the device to reload or corrupt its local DNS cache, leading to DoS or cache corruption. Impact applies to ASA in routed or transparent firewall mode,...
CVE-2017-6609
A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...
CVE-2016-9209
A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance ASA 5500-X Series with FirePOWER...
Code injection
A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance ASA 5500-X Series with FirePOWER...
Cisco Firepower Management Center and ASA 5500-X Series with FirePOWER Services Elevation of Privilege Vulnerability
Cisco Firepower Management Center and Cisco ASA 5500-X Series with FirePOWER Services are both next-generation firewall software from Cisco. An elevation of privilege vulnerability exists in the web-based GUI in Cisco Firepower Management Center and Cisco ASA 5500-X Series with FirePOWER Services...
Cisco ASA DNS DoS Vulnerability (cisco-sa-20151021-asa-dns2)
A vulnerability in the DNS code of Cisco ASA may lead to a denial of service. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
Cisco Prime Security Manager跨站脚本漏洞
BUGTRAQ ID: 66488 CVECAN ID: CVE-2014-2118 Cisco Prime Security Manager是集中管理Cisco ASA 5500-X系列防火墙的工具。 Cisco Prime Security Manager 即PRSM 9.2.1-2及之前版本在仪表盘相关的HTML文档内存在多个跨站脚本漏洞,这可使远程攻击者注入远程Web脚本或HTML。 0 Cisco Prime Security Manager 9.2.1-2 目前厂商还没有提供补丁或者升级程序: http://www.cisco.com/go/psirt...
CVE-2013-1218
Cisco Intrusion Prevention System IPS Software in ASA 5500-X IPS-SSP software modules before 7.17sp1E4 allows remote attackers to cause a denial of service Analysis Engine process hang or device reload via fragmented 1 IPv4 or 2 IPv6 packets, aka Bug ID CSCue51272...
CVE-2013-1243
The IP stack in Cisco Intrusion Prevention System IPS Software in ASA 5500-X IPS-SSP software and hardware modules before 7.15E4, IPS 4500 sensors before 7.16E4, and IPS 4300 sensors before 7.15E4 allows remote attackers to cause a denial of service MainApp process hang via malformed IPv4 packets...
Design/Logic Flaw
The IP stack in Cisco Intrusion Prevention System IPS Software in ASA 5500-X IPS-SSP software and hardware modules before 7.15E4, IPS 4500 sensors before 7.16E4, and IPS 4300 sensors before 7.15E4 allows remote attackers to cause a denial of service MainApp process hang via malformed IPv4 packets...
Code injection
Cisco Intrusion Prevention System IPS Software in ASA 5500-X IPS-SSP software modules before 7.17sp1E4 allows remote attackers to cause a denial of service Analysis Engine process hang or device reload via fragmented 1 IPv4 or 2 IPv6 packets, aka Bug ID CSCue51272...
CVE-2013-1218
Cisco Intrusion Prevention System IPS Software in ASA 5500-X IPS-SSP software modules before 7.17sp1E4 allows remote attackers to cause a denial of service Analysis Engine process hang or device reload via fragmented 1 IPv4 or 2 IPv6 packets, aka Bug ID CSCue51272...