10 matches found
EUVD-2007-5544
Malware in sbrugna...
Cisco PIX/ASA拒绝服务,ACL绕过及验证绕过漏洞
安全公告 月度Top10安全漏洞 每日漏洞播报 Cisco PIX/ASA拒绝服务,ACL绕过及验证绕过漏洞 发布时间:2009-04-09 录入:启明星辰 BUGTRAQ ID: 34429 CVE ID:CVE-2009-1155 CVE-2009-1156 CVE-2009-1157 CVE-2009-1158 CVE-2009-1159 CVE-2009-1160 CNCVE ID:CNCVE-20091155 CNCVE-20091156 CNCVE-20091157 CNCVE-20091158 CNCVE-20091159 CNCVE-20091160 Cisco...
Cisco PIX/ASA Windows NT域绕过认证漏洞
BUGTRAQ ID: 31864 CVECAN ID: CVE-2008-3815 PIX是一款防火墙设备,可为用户和应用提供策略强化、多载体攻击防护和安全连接服务;自适应安全设备(ASA)是可提供安全和VPN服务的模块化平台。 由于Microsoft Windows NT域认证问题,Cisco ASA和Cisco PIX设备可能受VPN绕过认证漏洞的影响。配置了基于IPSec或SSL远程访问VPN的Cisco ASA或Cisco PIX安全设备存在这个漏洞,攻击者可以通过远程访问基于IPSec或SSL的VPN成功连接到Cisco ASA设备。 Cisco ASA或Cisco...
CVE-2008-1246
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...
Design/Logic Flaw
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...
CVE-2008-1246
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...
Cisco PIX/ASA设备多个远程拒绝服务及认证绕过漏洞
PIX是一款防火墙设备,可为用户和应用提供策略强化、多载体攻击防护和安全连接服务;自适应安全设备(ASA)是可提供安全和VPN服务的模块化平台。 Cisco PIX/ASA设备中存在多个远程漏洞,远程攻击者可能利用此漏洞导致设备无法正常工作或绕过认证。 具体如下: 绕过LDAP认证 +------------------------- 使用LDAP AAA服务器对终止的L2TP IPSec隧道或远程管理会话进行认证的Cisco ASA 和PIX设备可能受认证绕过攻击的影响,更多信息请见以下公告: 2层隧道协议(L2TP) 必须将终止L2TP...
CVE-2006-0515
Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...
Authentication flaw
Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...
CVE-2006-0515
Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...