PT-2013-2917 · Cisco · Cisco Firewall Services Module +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices versions 7.x through 7.25.9 Cisco Adaptive Security Appliances ASA devices versions 8.0 through 8.05.27 Cisco Adaptive Security Appliances ASA devices versions 8.1 through 8.25.34 Cisco Adaptive...

Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability

A vulnerability in Cisco Adaptive Security Appliance ASA Software for the Cisco ASA 1000V Cloud Firewall may cause the Cisco ASA 1000V to reload after processing a malformed H.323 message. Cisco ASA 1000V Cloud Firewall is affected when H.323 inspection is enabled. Cisco has released software...

CVE-2012-5586

The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."...

Design/Logic Flaw

The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."...

CVE-2012-5586

The Drupal Services module (versions 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3) is affected. Remote authenticated users who have the "access user profiles" permission can disclose arbitrary users’ email addresses via the user index method and the path to the user resource. This is caused ...

CVE-2012-5586

The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vectors related to the "user index method" and "the path to the user resource."...

CVE-2012-4643

The DHCP server on Cisco Adaptive Security Appliances ASA 5500 series devices, and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices, with software 7.0 before 7.25.8, 7.1 before 7.25.8, 7.2 before 7.25.8, 8.0 before 8.05.28, 8.1 before 8.12.56, 8.2 before 8.25.27, 8.3 before...

Authentication flaw

The AAA functionality in the IPv4 SSL VPN implementations on Cisco Adaptive Security Appliances ASA 5500 series devices, and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices, with software 8.2 before 8.25.30 and 8.3 before 8.32.34 allows remote attackers to cause a denial of...

Code injection

The DCERPC inspection engine on Cisco Adaptive Security Appliances ASA 5500 series devices, and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices, with software 8.3 before 8.32.25, 8.4 before 8.42.5, and 8.5 before 8.51.13 and the Firewall Services Module FWSM 4.1 before 4.17 in...

Stack overflow

Stack-based buffer overflow in the DCERPC inspection engine on Cisco Adaptive Security Appliances ASA 5500 series devices, and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices, with software 8.3 before 8.32.34, 8.4 before 8.44.4, 8.5 before 8.51.13, and 8.6 before 8.61.3 and th...

Cisco Patches a Rash of Buffer Overflow and DoS Vulnerabilities

Cisco Systems released fixes for 15 vulnerabilities in three of its major product lines on Wednesday, including two different security appliances. The vulnerabilities would either allow an attacker to remotely execute code on a compromised machine, or execute a denial-of-service attack. Cisco sai...

PT-2012-5527 · Cisco · Cisco Asa +2

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices versions 7.0 through 7.25.7 Cisco Adaptive Security Appliances ASA 5500 series devices and the ASA Services...

PT-2012-5532 · Cisco · Cisco Asa Services Module +3

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.3 before 8.32.25 Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.4 before 8.42.5 Cisco Adaptive Security Appliances ASA 5500 series devices versions 8...

PT-2012-4462 · Cisco · Cisco Asa +2

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.4 before 8.44.1 Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.5 before 8.51.11 Cisco Adaptive Security Appliances ASA 5500 series devices versions 8...

Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

PT-2012-2517 · Cisco · Cisco Asa Services Module +3

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 7.0 through 7.2 before 7.25.7 Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.0 before 8.05.27 Cisco Adaptive Security Appliances ASA 5500 series device...

PT-2012-2515 · Cisco · Cisco Asa +2

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices and the ASA Services Module ASASM in Cisco Catalyst 6500 series devices versions 8.0 through 8.2 before 8.25.20 Cisco Adaptive Security Appliances ASA 5500 series devices and the ASA...

Elevating Privileges Via Windows Installers

There’s an odd bit of behavior that some Windows systems will exhibit when certain kinds of installers are launched, automatically elevating the privileges of the installer process to system-level privileges. In theory, the issue shouldn’t be exploitable because at one point in the process the...

CVE-2011-3300

Cisco Adaptive Security Appliances ASA 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.08.13, 7.1 and 7.2 before 7.25.4, 8.0 before 8.05.25, 8.1 and 8.2 before 8.25.11, 8.3 before 8.32.23, 8.4 before 8.42.6, and 8.5 before 8.51.1...

CVE-2011-3297

Cisco Firewall Services Module aka FWSM 3.1 before 3.121, 3.2 before 3.222, 4.0 before 4.016, and 4.1 before 4.17, when certain authentication configurations are used, allows remote attackers to cause a denial of service module crash by making many authentication requests for network access, aka...