EUVD-2017-15663

Malware in sbrugna...

Design/Logic Flaw

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

CVE-2017-6609

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets ...

Cisco ASA Software Internet Key Exchange Version 1 XAUTH Denial of Service Vulnerability

A vulnerability in the Internet Key Exchange Version 1 IKEv1 XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation...

Cisco ASA Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer SSL and Transport Layer Security TLS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could explo...

Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability

A vulnerability in Common Internet Filesystem CIFS code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this...

CVE-2016-6431

A vulnerability in the local Certificate Authority CA feature of Cisco ASA Software before 9.61.5 could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker...

Design/Logic Flaw

A vulnerability in the local Certificate Authority CA feature of Cisco ASA Software before 9.61.5 could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker...

CVE-2016-6431

A vulnerability in the local Certificate Authority CA feature of Cisco ASA Software before 9.61.5 could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker...

Cisco ASA < 8.7(1.18) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)

Binary data 801948.prm...

Cisco ASA < 9.4(2.4) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)

Binary data 801953.prm...

Cisco ASA < 9.5(2.2) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)

Binary data 801954.prm...

Cisco ASA < 9.1(7) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)

Binary data 801950.prm...

Cisco ASA < 9.0(4.38) IKEv1 and IKEv2 UDP Packet Handling RCE (cisco-sa-20160210-asa-ike)

Binary data 801949.prm...

Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability

A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance ASA software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this...