20 matches found
EUVD-2013-1255
Malware in sbrugna...
EUVD-2005-1060
Malware in sbrugna...
EUVD-2009-0638
Malware in sbrugna...
CVE-2013-1215
The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances ASA 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295...
Code injection
The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances ASA 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295...
CVE-2013-1215
The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances ASA 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295...
CVE-2013-1215
CVE-2013-1215 concerns Cisco ASA 5505 devices where the vpnclient tool in the Easy VPN component allows an authenticated, local attacker to escalate privileges due to a mis-handling of privilege levels (Bug CSCuf85295). Affected hardware/software is Cisco ASA with the Easy VPN feature; exploitati...
Cisco ASA Software Easy VPN Privilege Escalation Vulnerability
A vulnerability in the Easy VPN feature of Cisco ASA Software running on Cisco ASA 5505 hardware could allow an authenticated, local attacker to elevate their privileges on the device running Cisco ASA Software. The vulnerability is due to a mishandling of privilege levels, which are temporarily...
Cisco IOS cTCP Denial of Service Vulnerability - Cisco Systems
A series of TCP packets may cause a denial of service DoS condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol cTCP encapsulation feature. Cisco has released free software updates that address this vulnerability. No workarounds are...
Cisco IOS cTCP协议远程拒绝服务漏洞
BUGTRAQ ID: 34246 CVECAN ID: CVE-2009-0635 Cisco IOS是思科网络设备所使用的互联网操作系统。 在配置为Easy VPN服务器的Cisco IOS设备上,如果启用了Cisco隧道控制协议(cTCP)封装功能,则一系列TCP报文可能导致设备耗尽内存。 Cisco IOS 12.4 厂商补丁: Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20090325-ctcp)以及相应补丁: cisco-sa-20090325-ctcp:Cisco IOS cTCP Denial of Service...
Design/Logic Flaw
Memory leak in the Cisco Tunneling Control Protocol cTCP encapsulation feature in Cisco IOS 12.4, when an Easy VPN aka EZVPN server is enabled, allows remote attackers to cause a denial of service memory consumption and device crash via a sequence of TCP packets...
CVE-2009-0635
Memory leak in the Cisco Tunneling Control Protocol cTCP encapsulation feature in Cisco IOS 12.4, when an Easy VPN aka EZVPN server is enabled, allows remote attackers to cause a denial of service memory consumption and device crash via a sequence of TCP packets...
Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS cTCP Denial of Service Vulnerability Advisory ID: cisco-sa-20090325-ctcp http://www.cisco.com/warp/public/707/cisco-sa-20090325-ctcp.shtml Revision 1.0 For Public Release 2009 March 25 1600 UTC GMT -...
Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes
Overview Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes. This may allow a remote, unauthenticated attacker to access the private network. Description Easy VPN Server Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...
CVE-2005-1057
Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."...
CVE-2005-1057
Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."...
CVE-2005-1057
Cisco IOS 12.2T, 12.3 and 12.3T with Easy VPN Server XAUTH version 6 authentication are affected by a vulnerability that allows a remote attacker to bypass authentication via a malformed XAUTH packet. The issue resides in processing certain IKE XAUTH messages when configured for Easy VPN Server, ...
Vulnerabilities in the Internet Key Exchange Xauth Implementation
Cisco Internetwork Operating System IOS Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange IKE Xauth messages when configured to be an Easy VPN Server. Successful exploitation of these vulnerabilities may permit an unauthorized us...
Cisco IOS IKE XAUTH ISAKMP IPSec SA Establish Authentication Bypass (CSCeg00277)
The remote version of IOS contains a feature called 'Easy VPN Server' that allows the administrator of the remote router to create a lightweight VPN server. There is an implementation flaw in the remote version of this software that could allow an authorized user to complete authentication and...
Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: ======================== Vulnerabilities in the Internet Key Exchange Xauth Implementation ================================================================= Revision 1.0 For Public Release 2005 April 6 1600 UTC -...