29 matches found
CVE-2004-0079
The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...
CVE-2004-0081
CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...
CVE-2004-0112
The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...
CVE-2011-0394
The CVE-2011-0394 issue affects Cisco ASA 5500 series (software 7.0 before 7.0(8.11); 7.1/7.2 before 7.2(5.1); 8.0 before 8.0(5.19); 8.1 before 8.1(2.47); 8.2 before 8.2(2.19); 8.3 before 8.3(1.8)); Cisco PIX 500 series; and Cisco FWSM 3.1/3.2/4.0/4.1. It allows remote attackers to cause a device...
CVE-2007-5568
Cisco PIX/ASA appliances running 7.0–8.0 and Cisco FWSM 3.1(5) and earlier are affected by CVE-2007-5568, where remote attackers can cause a denial of service (device reload) through crafted MGCP packets. The root cause is improper handling of MGCP traffic (and related TLS/traffic handling per PT...
CVE-2013-1195
CVE-2013-1195 affects Cisco ASA and Cisco FWSM time-based ACL handling. The time-range object does not properly process periodic statements, allowing remote attackers to bypass access lists by sending traffic during denied time periods. Root cause: improper implementation of the time-range period...
CVE-2007-0962
Cisco PIX 500, ASA 5500 Series, and FWSM devices are affected by a DoS vulnerability triggered by malformed HTTP traffic when the built-in HTTP inspection (inspect http) is enabled. A remote attacker can cause a device reboot, with impact described as an availability loss. Affected versions are: ...
CVE-2010-2820
The CVE-2010-2820 issue is a SunRPC inspection Denial of Service affecting Cisco FWSM on Catalyst 6500 and 7600 platforms. It arises when SunRPC inspection is enabled and crafted SunRPC messages trigger a device reload, leading to a DoS condition. Affected software lines include 3.x and 4.x relea...
CVE-2007-0964
The vulnerability CVE-2007-0964 affects Cisco Firewall Services Module (FWSM) 3.x prior to 3.1(3.18). The root cause is an error when processing malformed HTTPS requests during authentication configured via aaa authentication match or aaa authentication include, which can allow remote attackers t...
CVE-2007-0966
The CVE-2007-0966 issue affects Cisco's Firewall Services Module (FWSM) versions 3.x prior to 3.1(3.11). When the embedded HTTPS server is enabled, crafted HTTPS traffic can trigger a remote DoS that reboots/reloads the device. Root cause is an error in handling certain HTTPS requests by the embe...
CVE-2010-0151
CVE-2010-0151 affects Cisco ASA 5500 Series and Cisco Firewall Services Module (FWSM) when Skinny SCCP inspection is enabled. A malformed SCCP message can cause the device to reload (DoS). The Cisco advisory assigns CVE-2010-0151 to this SCCP vulnerability; affected trains include ASA software ve...
CVE-2010-2818
CVE-2010-2818 affects Cisco FWSM SunRPC inspection on Catalyst 6500/7600 platforms. When SunRPC inspection is enabled, crafted SunRPC messages can cause a device reload (DoS). Affects FWSM software in the 3.x/4.x line; fixed releases include 3.1(17.2), 3.2(16.1), 4.0(10.1), and 4.1(1.1). Mitigati...
CVE-2012-0356
CVE-2012-0356 affects Cisco ASA 5500 series and ASASM, plus the FWSM on Catalyst 6500, when multicast routing is enabled. The vulnerability arises from improper handling of PIM messages, potentially allowing a remote attacker to trigger a device reload. Affected software ranges include ASA/ASASM ...
CVE-2010-2821
Cisco FWSM vulnerabilities (CVE-2010-2821, related SunRPC/TCP DoS) may cause device reloads when multi-mode is enabled and TCP-based traffic (Telnet/SSH/ASDM) is processed. Affected: Cisco FWSM on Catalyst 6500 and 7600 platforms with software 3.x up to 3.2(17.2), 4.x up to 4.0(11.1), and 4.1 up ...
CVE-2005-3669
CVE-2005-3669 covers multiple unspecified vulnerabilities in the Internet Key Exchange v1 (IKEv1) implementation in Cisco products that cause a denial of service (device reset) via malformed IKE packets, demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The Cisco advisory lacks details to m...
CVE-2007-0968
CVE-2007-0968 affects Cisco Firewall Services Module (FWSM) prior to 2.3(4.7) and 3.x prior to 3.1(3.1). The issue is an improper evaluation of access control entries (ACE) in an ACL, allowing remote authenticated users to bypass intended protections. Connected sources confirm this is a vulnerabi...
CVE-2007-5570
CVE-2007-5570 concerns Cisco Firewall Services Module (FWSM) versions 3.2(1), and 3.1(5) and earlier. The vulnerability allows remote attackers to cause a denial-of-service (device reload) by sending a crafted HTTPS request (aka CSCsi77844). The available connected documents confirm the affected ...
CVE-2007-5584
CVE-2007-5584 affects Cisco Firewall Services Module (FWSM) running software version 3.2(3) . A vulnerability in the control-plane path data handling within the Layer 7 Application Inspection module can be triggered by normal traffic, causing the FWSM to reload and leading to a denial of service....
CVE-2006-0515
CVE-2006-0515 affects Cisco PIX/ASA and Websense integration. Affected: Cisco PIX/ASA versions 7.1.x before 7.1(2) and 7.0.x before 7.0(5); PIX 6.3.x before 6.3.5(112); and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7) . Root cause: handling of HTTP requests when the GET method is split across m...
CVE-2007-0963
CVE-2007-0963 : Cisco Firewall Services Module (FWSM) 3.x prior to 3.1(3.3) is affected when logging at the debug level. The vulnerability allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of common protocols (e.g., TCP/UDP), triggering a reboot ...
CVE-2003-1001
CVE-2003-1001 describes a buffer overflow in the Cisco Firewall Services Module (FWSM) used on Cisco Catalyst 6500 and 7600 series devices. The flaw allows remote attackers to trigger a denial of service (crash and reload) through HTTP authentication requests for TACACS+ or RADIUS. Multiple sourc...
CVE-2007-0967
Cisco FWSM (Firewall Services Module) 3.x prior to 3.1(3.1) is affected. The vulnerability arises from processing malformed SNMP requests, allowing remote attackers to trigger a denial-of-service resulting in a device reboot (network-based). The issue is exploitable remotely with no authenticatio...
CVE-2009-0638
CVE-2009-0638 affects Cisco FWSM (Firewall Services Module) on Catalyst 6500 and 7600 platforms. The vulnerability arises when the device processes multiple crafted ICMP messages, causing a denial-of-service by stopping traffic forwarding or failing to process management/transit traffic. Affected...
CVE-2007-0965
Cisco FWSM 3.x before 3.1(3.2) is affected. When authentication uses "aaa authentication match" or "aaa authentication include", remote attackers can cause a denial of service (device reboot) by sending a long HTTP request. The description and related metrics indicate a network-facing DoS impact,...
CVE-2010-2819
The CVE-2010-2819 entry concerns the SunRPC inspection vulnerability in Cisco FWSM (Firewall Services Module) for Catalyst 6500 Series switches and 7600 Series routers. Affected software versions include 3.x and 4.x before specific fixed releases (3.1(17.2), 3.2(16.1), 4.0(10.1), 4.1(1.1)); explo...
CVE-2005-1517
The Cisco Firewall Services Module (FWSM) 2.3.1 and earlier is affected by a vulnerability where TCP packets can bypass access control lists (ACLs) when URL, FTP, or HTTPS filtering exceptions are used. This is documented in CVE-2005-1517 and referenced in Cisco’s security advisory and NVD record...
CVE-2013-1193
CVE-2013-1193 affects Cisco ASA and Cisco FWSM SSH handling, where improper termination of SSH sessions allows an attacker to cause a denial of service by repeatedly opening SSH connections. Public docs confirm the issue and reference Cisco advisory Cisco-SA-20130412-CVE-2013-1193; some sources a...
CVE-2003-1002
CVE-2003-1002 affects Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices. A remote attacker can trigger a denial of service by sending an SNMPv3 message when snmp-server is configured, causing a crash and reload. Exploitation details are not provided in the conne...
CVE-2007-5571
Cisco Firewall Services Module (FWSM) 3.1(6) and 3.2(2) and earlier does not properly enforce edited ACLs, potentially allowing remote attackers to bypass network traffic restrictions. Affected component: ACL enforcement in FWSM. Root cause: misimplementation of edited ACL handling leading to byp...