CVE-2014-0710

Race condition in the cut-through proxy feature in Cisco Firewall Services Module FWSM Software 3.x before 3.228 and 4.x before 4.115 allows remote attackers to cause a denial of service device reload via certain matching traffic, aka Bug ID CSCuj16824...

Cisco UCS Director Software Has Default Credentials Open to Attackers

Cisco’s UCS Director infrastructure management product contains a set of default credentials that any remote attacker can exploit to take complete control of any vulnerable machine. The flaw is in UCS Director versions 4.0.0.2 and below. The Cisco UCS Director software is designed to allow...

SA-CONTRIB-2014-010 - Services - Access Bypass and Privilege Escalation

The Services module enables you to expose an API to third party systems using REST, XML-RPC or other protocols. User update access bypass vulnerability An authenticated user is able to assign additional roles to themselves, which means they can escalate their privileges by assigning an...

SA-CONTRIB-2014-007 - Services - Multiple access bypass vulnerabilities

This module enables you to expose an API to third party systems using REST, XML-RPC or other protocols. The form API provides a method for developers to submit forms programmatically using the function drupalformsubmit. During programmatic form submissions, all access checks are deliberately...

CVE-2013-5508

The SQLNet inspection engine in Cisco Adaptive Security Appliance ASA Software 7.x before 7.25.12, 8.x before 8.25.44, 8.3.x before 8.32.39, 8.4.x before 8.46, 8.5.x before 8.51.18, 8.6.x before 8.61.12, 8.7.x before 8.71.6, 9.0.x before 9.02.10, and 9.1.x before 9.12 and Firewall Services Module...

Cisco Firewall Services Module Command Authorization Vulnerability

A vulnerability in the authorization code of the Cisco Firewall Services Module FWSM could allow an authenticated but unprivileged, local attacker to delete, modify, or view the configuration of any other context of the affected system. The vulnerability is due to insufficient authorization...

Multiple Vulnerabilities in Cisco Firewall Services Module Software

Cisco Firewall Services Module FWSM Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the following vulnerabilities: Cisco FWSM Command Authorization Vulnerability SQLNet Inspection Engine Denial of Service Vulnerability These vulnerabilities are...

Multiple Vulnerabilities in Cisco Firewall Services Module Software (cisco-sa-20130410-fwsm)

The remote Cisco Firewall Services Module FWSM for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers may be affected by the following vulnerabilities : - A flaw in the FWSM software could allow remote attackers to cause a denial of service DoS condition via a crafted IKEv1 message...

Cisco Firewall Services Module (FWSM) Version

The remote host has a Cisco Firewall Services Module FWSM. It is possible to read the FWSM version by connecting to the switch using SSH. TRUSTED...

CVE-2013-2158

Cross-site request forgery CSRF vulnerability in the Services module 6.x-3.x and 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Services module 6.x-3.x and 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2013-2158

Summary of CVE-2013-2158 (Drupal Services CSRF) : The Services module for Drupal 6.x-3.x and 7.x-3.x is vulnerable to Cross-Site Request Forgery due to insufficient verification of POST/PUT/DELETE requests with session cookie authentication. This could allow remote attackers to hijack the authent...

PT-2013-2962 · Cisco · Cisco Firewall Services Module +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices affected versions not specified Cisco Firewall Services Module FWSM affected versions not specified Description: The issue concerns the time-based ACL implementation, which does not properly hand...

Code injection

The Secure Shell SSH implementation on Cisco Adaptive Security Appliances ASA devices, and in Cisco Firewall Services Module FWSM, does not properly terminate sessions, which allows remote attackers to cause a denial of service SSH service outage by repeatedly establishing SSH connections, aka Bu...

CVE-2013-1193

The Secure Shell SSH implementation on Cisco Adaptive Security Appliances ASA devices, and in Cisco Firewall Services Module FWSM, does not properly terminate sessions, which allows remote attackers to cause a denial of service SSH service outage by repeatedly establishing SSH connections, aka Bu...

PT-2013-2960 · Cisco · Cisco Firewall Services Module +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices affected versions not specified Cisco Firewall Services Module FWSM affected versions not specified Description: The Secure Shell SSH implementation does not properly terminate sessions, allowing...

CVE-2013-1155

The auth-proxy functionality in Cisco Firewall Services Module FWSM software 3.1 and 3.2 before 3.220.1, 4.0 before 4.015.2, and 4.1 before 4.15.1 allows remote attackers to cause a denial of service device reload via a crafted URL, aka Bug ID CSCtg02624...

Design/Logic Flaw

Cisco Adaptive Security Appliances ASA devices with software 7.x before 7.25.10, 8.0 before 8.05.28, 8.1 and 8.2 before 8.25.35, 8.3 before 8.32.34, 8.4 before 8.44.11, 8.6 before 8.61.10, and 8.7 before 8.71.3, and Cisco Firewall Services Module FWSM software 3.1 and 3.2 before 3.224.1 and 4.0 a...

Code injection

The auth-proxy functionality in Cisco Firewall Services Module FWSM software 3.1 and 3.2 before 3.220.1, 4.0 before 4.015.2, and 4.1 before 4.15.1 allows remote attackers to cause a denial of service device reload via a crafted URL, aka Bug ID CSCtg02624...

PT-2013-2917 · Cisco · Cisco Firewall Services Module +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices versions 7.x through 7.25.9 Cisco Adaptive Security Appliances ASA devices versions 8.0 through 8.05.27 Cisco Adaptive Security Appliances ASA devices versions 8.1 through 8.25.34 Cisco Adaptive...