8 matches found
CVE-2014-3382
The CVE-2014-3382 entry corresponds to a DoS in Cisco ASA's SQLNET Inspection Engine. A remote attacker can trigger a device reload by sending crafted SQL REDIRECT packets, affecting ASA Software releases listed in the advisory (7.2–9.1 family with specific sub-versions). The vulnerability is tie...
CVE-2014-3383
CVE-2014-3383 affects Cisco ASA Software 9.1 before 9.1(5.1). The IKE implementation in the VPN component can be triggered by crafted UDP packets, allowing a remote attacker to cause a denial of service (device reload). Affected description is supported by multiple sources in the provided connect...
CVE-2014-3385
CVE-2014-3385 is a race condition in the Health and Performance Monitoring (HPM) feature of Cisco ASA Software that can be exploited by sending a large number of half-open TCP connections to trigger a device reload and DoS. Affected ASA versions include 8.3 (before 8.3(2.42)), 8.4 (before 8.4(7.1...
CVE-2014-3389
CVE-2014-3389 affects Cisco ASA VPN Failover component. The vulnerability arises from an improper implementation of the internal tunnel-filter for packets from an established VPN tunnel, allowing remote authenticated users to obtain failover-unit access via crafted packets. Connected advisories c...
CVE-2014-3388
Cisco ASA DNS Inspection Engine DoS vulnerability (CVE-2014-3388) affects ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2). A remote attacker can cause a device reload by sending crafted DNS packets, as described in Cisco’s advisory and CVE entry. Affected component i...
CVE-2014-3387
Summary (CVE-2014-3387): The SunRPC Inspection Engine in Cisco ASA Software Vulnerable in listed release ranges (7.2 before 7.2(5.14), 8.x before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), 9.1 befor...
CVE-2014-3384
CVE-2014-3384 affects Cisco ASA Software: IKEv2 implementation can be exploited by remote attackers to cause a denial of service (device reload) during tunnel creation. The vulnerability stems from the IKEv2 code handling crafted packets, with validated impact across listed versions: 8.4 before 8...
CVE-2014-3386
The CVE-2014-3386 entry concerns Cisco ASA Software, affecting the GPRS Tunneling Protocol (GTP) inspection engine. The vulnerability allows an unauthenticated, remote attacker to cause a denial of service (device reload) by sending a crafted sequence of GTP packets (Bug ID CSCum56399). Affected ...