CentOS Update for libgcrypt CESA-2013:1457 centos5

Check for the Version of libgcrypt OpenVAS Vulnerability Test CentOS Update for libgcrypt CESA-2013:1457 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

libgcrypt security update

CentOS Errata and Security Advisory CESA-2013:1457 An updated libgcrypt package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System...

GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload...

GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload...

Cisco ASA VPN Denial of Service Vulnerability

A vulnerability in the VPN authentication code that handles parsing of the username from the certificate on the Cisco ASA firewall could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to parallel processing of a large number of Interne...

Cisco NX-OS Software BGP Regex Vulnerability (Cisco-SA-20130917-CVE-2013-1121)

A vulnerability in the Border Gateway Protocol BGP code of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C...

CVE-2013-5542

Cisco ASA software versions affected: 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8). The issue allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets (Bug ID CSCui77398). Remediation: up...

CVE-2013-5542

Cisco Adaptive Security Appliance ASA Software 8.4 before 8.47.2, 8.7 before 8.71.8, 9.0 before 9.03.6, and 9.1 before 9.12.8 allows remote attackers to cause a denial of service firewall-session disruption or device reload via crafted ICMP packets, aka Bug ID CSCui77398...

Information disclosure

The IPsec implementation in Cisco Adaptive Security Appliance ASA Software 9.1 before 9.11.7, when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service device reload via a 1 ICMP or 2 ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975...

CVE-2013-5508

The SQLNet inspection engine in Cisco Adaptive Security Appliance ASA Software 7.x before 7.25.12, 8.x before 8.25.44, 8.3.x before 8.32.39, 8.4.x before 8.46, 8.5.x before 8.51.18, 8.6.x before 8.61.12, 8.7.x before 8.71.6, 9.0.x before 9.02.10, and 9.1.x before 9.12 and Firewall Services Module...

CVE-2013-5507

The IPsec implementation in Cisco Adaptive Security Appliance ASA Software 9.1 before 9.11.7, when an IPsec VPN tunnel is enabled, allows remote attackers to cause a denial of service device reload via a 1 ICMP or 2 ICMPv6 packet that is improperly handled during decryption, aka Bug ID CSCue18975...

Security feature bypass

The remember feature in the DHCP server in Cisco IOS allows remote attackers to cause a denial of service device reload by acquiring a lease and then sending a DHCPRELEASE message, aka Bug ID CSCuh46822...

Cisco IOS Software DHCP Server remember Functionality Vulnerability

An issue in the DHCP server code of Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause the device to reload. The issue is due to the remember functionality of the DHCP server. An attacker could exploit this issue by obtaining a lease and then releasing it. An exploit...

PT-2013-5596 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 8.2.x through 8.25.45 Cisco Adaptive Security Appliance ASA Software versions 8.3.x through 8.32.38 Cisco Adaptive Security Appliance ASA Software versions 8.4.x through 8.45.4 Cisco...

PT-2013-5598 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 8.x through 8.25.43 Cisco Adaptive Security Appliance ASA Software versions 8.3.x through 8.32.38 Cisco Adaptive Security Appliance ASA Software versions 8.4.x through 8.45.6 Cisco...

PT-2013-5623 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions 8.4 before 8.47.2 Cisco Adaptive Security Appliance ASA Software versions 8.7 before 8.71.8 Cisco Adaptive Security Appliance ASA Software versions 9.0 before 9.03.6 Cisco Adaptive...

Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20130925-ike)

A vulnerability exists in the Internet Key Exchange IKE protocol of Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a device reload. The vulnerability is due to incorrect handling of malformed IKE packets by the affected software. ...

Cisco IOS XE Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp)

A vulnerability in the DHCP implementation of Cisco IOS XE Software allows an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability occurs during the parsing of crafted DHCP packets. An attacker can exploit this vulnerability by sending crafted DHCP packet...

Cisco IOS Software DHCP Denial of Service Vulnerability (cisco-sa-20130925-dhcp)

A vulnerability exists in the DHCP implementation of Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability occurs during the parsing of crafted DHCP packets. An attacker could exploit this vulnerability by sending...

Cisco IOS XE Software Internet Key Exchange Memory Leak Vulnerability (cisco-sa-20130925-ike)

A vulnerability in the Internet Key Exchange IKE protocol of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a device reload. The vulnerability is due to incorrect handling of malformed IKE packets by the affected software. An attack...