280 matches found
CVE-2018-0243
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 SMB2 and SMB Version 3 SMB3 protocols if malware is detected. The...
CVE-2018-0233
A vulnerability in the Secure Sockets Layer SSL packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...
CVE-2018-0243
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 SMB2 and SMB Version 3 SMB3 protocols if malware is detected. The...
CVE-2018-0233
A vulnerability in the Secure Sockets Layer SSL packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...
CVE-2018-0239
A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router ASR 5700 Series devices and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to cause an interface on the device to...
CVE-2018-0244
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block SMB protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handle...
CVE-2018-0254
Cisco Firepower System Software’s detection engine is affected by CVE-2018-0254. The issue arises when Intelligent Application Bypass (IAB) with a drop percentage threshold is configured, causing incorrect counting of dropped traffic. An unauthenticated, remote attacker could exploit this to bypa...
CVE-2018-0244
CVE-2018-0244 affects Cisco Firepower System Software's detection engine. A vulnerability in SMB handling during large file transfer failures lets an unauthenticated, remote attacker bypass a configured file action policy and drop SMB malware file transfers. The issue arises when pieces of a file...
CVE-2018-0243
Cisco Firepower System Software contains a vulnerability in its detection engine that can let an unauthenticated attacker bypass a file action policy intended to drop SMB2/SMB3 traffic. Root cause: incorrect detection of SMB2/SMB3 files based on total file length, allowing malicious files to pass...
CVE-2018-0239
A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router ASR 5700 Series devices and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to cause an interface on the device to...
CVE-2018-0243
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 SMB2 and SMB Version 3 SMB3 protocols if malware is detected. The...
CVE-2018-0233
A vulnerability in the Secure Sockets Layer SSL packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...
CVE-2018-0272
A vulnerability in the Secure Sockets Layer SSL Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this...
CVE-2018-0272
A vulnerability in the Secure Sockets Layer SSL Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this...
Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability
A vulnerability in the Secure Sockets Layer SSL packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...
Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support
Intel has halted patches for an array of older chips that would protect them against the Spectre vulnerability, according to a recent microcode update. The microcode update shows that its older products – including Wolfdale, Bloomfield, Clarksfield, Gulftown, Harpertown, Jasper Forest, SoFIA 3GR,...
CVE-2016-8365
OSIsoft PI System software Applications using PI Asset Framework AF Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit SDK versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI...
Cisco IOS Software and IOS XE Software Denial of Service Vulnerability (CNVD-2018-07300)
Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices. A resource management error vulnerability exists in the Smart Install feature of Cisco IOS Software and IOS XE Software, which results from the program failing to properly validate packet...
Troubleshooting Gateway Insight on NetScaler MAS
Troubleshooting Gateway Insight on NetScaler MAS...
CVE-2018-0138
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...