Lucene search
K
CiscoFirewall Services Module

29 matches found

CVE
CVE
added 2004/03/18 5:0 a.m.133 views

CVE-2004-0079

The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...

7.5CVSS7.1AI score0.09537EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.121 views

CVE-2004-0081

CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...

5CVSS7.2AI score0.07229EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.109 views

CVE-2004-0112

The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...

5CVSS7.2AI score0.10424EPSS
CVE
CVE
added 2011/02/25 11:0 a.m.67 views

CVE-2011-0394

The CVE-2011-0394 issue affects Cisco ASA 5500 series (software 7.0 before 7.0(8.11); 7.1/7.2 before 7.2(5.1); 8.0 before 8.0(5.19); 8.1 before 8.1(2.47); 8.2 before 8.2(2.19); 8.3 before 8.3(1.8)); Cisco PIX 500 series; and Cisco FWSM 3.1/3.2/4.0/4.1. It allows remote attackers to cause a device...

7.8CVSS6.7AI score0.03442EPSS
CVE
CVE
added 2007/10/18 9:0 p.m.66 views

CVE-2007-5568

Cisco PIX/ASA appliances running 7.0–8.0 and Cisco FWSM 3.1(5) and earlier are affected by CVE-2007-5568, where remote attackers can cause a denial of service (device reload) through crafted MGCP packets. The root cause is improper handling of MGCP traffic (and related TLS/traffic handling per PT...

7.1CVSS6.6AI score0.0218EPSS
CVE
CVE
added 2013/04/24 10:0 a.m.65 views

CVE-2013-1195

CVE-2013-1195 affects Cisco ASA and Cisco FWSM time-based ACL handling. The time-range object does not properly process periodic statements, allowing remote attackers to bypass access lists by sending traffic during denied time periods. Root cause: improper implementation of the time-range period...

5CVSS7AI score0.01247EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.64 views

CVE-2007-0962

Cisco PIX 500, ASA 5500 Series, and FWSM devices are affected by a DoS vulnerability triggered by malformed HTTP traffic when the built-in HTTP inspection (inspect http) is enabled. A remote attacker can cause a device reboot, with impact described as an availability loss. Affected versions are: ...

7.8CVSS6.6AI score0.02354EPSS
CVE
CVE
added 2010/08/06 7:31 p.m.64 views

CVE-2010-2820

The CVE-2010-2820 issue is a SunRPC inspection Denial of Service affecting Cisco FWSM on Catalyst 6500 and 7600 platforms. It arises when SunRPC inspection is enabled and crafted SunRPC messages trigger a device reload, leading to a DoS condition. Affected software lines include 3.x and 4.x relea...

7.8CVSS6.8AI score0.0122EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.61 views

CVE-2007-0964

The vulnerability CVE-2007-0964 affects Cisco Firewall Services Module (FWSM) 3.x prior to 3.1(3.18). The root cause is an error when processing malformed HTTPS requests during authentication configured via aaa authentication match or aaa authentication include, which can allow remote attackers t...

5.4CVSS6.9AI score0.01493EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.61 views

CVE-2007-0966

The CVE-2007-0966 issue affects Cisco's Firewall Services Module (FWSM) versions 3.x prior to 3.1(3.11). When the embedded HTTPS server is enabled, crafted HTTPS traffic can trigger a remote DoS that reboots/reloads the device. Root cause is an error in handling certain HTTPS requests by the embe...

7.8CVSS6.6AI score0.01916EPSS
CVE
CVE
added 2010/02/19 5:0 p.m.61 views

CVE-2010-0151

CVE-2010-0151 affects Cisco ASA 5500 Series and Cisco Firewall Services Module (FWSM) when Skinny SCCP inspection is enabled. A malformed SCCP message can cause the device to reload (DoS). The Cisco advisory assigns CVE-2010-0151 to this SCCP vulnerability; affected trains include ASA software ve...

7.8CVSS6.5AI score0.01995EPSS
CVE
CVE
added 2010/08/06 7:31 p.m.60 views

CVE-2010-2818

CVE-2010-2818 affects Cisco FWSM SunRPC inspection on Catalyst 6500/7600 platforms. When SunRPC inspection is enabled, crafted SunRPC messages can cause a device reload (DoS). Affects FWSM software in the 3.x/4.x line; fixed releases include 3.1(17.2), 3.2(16.1), 4.0(10.1), and 4.1(1.1). Mitigati...

7.8CVSS6.8AI score0.0122EPSS
CVE
CVE
added 2012/03/15 12:0 a.m.60 views

CVE-2012-0356

CVE-2012-0356 affects Cisco ASA 5500 series and ASASM, plus the FWSM on Catalyst 6500, when multicast routing is enabled. The vulnerability arises from improper handling of PIM messages, potentially allowing a remote attacker to trigger a device reload. Affected software ranges include ASA/ASASM ...

7.8CVSS6.5AI score0.02076EPSS
CVE
CVE
added 2010/08/06 7:31 p.m.59 views

CVE-2010-2821

Cisco FWSM vulnerabilities (CVE-2010-2821, related SunRPC/TCP DoS) may cause device reloads when multi-mode is enabled and TCP-based traffic (Telnet/SSH/ASDM) is processed. Affected: Cisco FWSM on Catalyst 6500 and 7600 platforms with software 3.x up to 3.2(17.2), 4.x up to 4.0(11.1), and 4.1 up ...

7.1CVSS6.9AI score0.01073EPSS
CVE
CVE
added 2005/11/18 9:0 p.m.58 views

CVE-2005-3669

CVE-2005-3669 covers multiple unspecified vulnerabilities in the Internet Key Exchange v1 (IKEv1) implementation in Cisco products that cause a denial of service (device reset) via malformed IKE packets, demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The Cisco advisory lacks details to m...

5CVSS6.9AI score0.05143EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.58 views

CVE-2007-0968

CVE-2007-0968 affects Cisco Firewall Services Module (FWSM) prior to 2.3(4.7) and 3.x prior to 3.1(3.1). The issue is an improper evaluation of access control entries (ACE) in an ACL, allowing remote authenticated users to bypass intended protections. Connected sources confirm this is a vulnerabi...

9CVSS6.2AI score0.02045EPSS
CVE
CVE
added 2007/10/18 9:0 p.m.58 views

CVE-2007-5570

CVE-2007-5570 concerns Cisco Firewall Services Module (FWSM) versions 3.2(1), and 3.1(5) and earlier. The vulnerability allows remote attackers to cause a denial-of-service (device reload) by sending a crafted HTTPS request (aka CSCsi77844). The available connected documents confirm the affected ...

7.8CVSS6.6AI score0.03218EPSS
CVE
CVE
added 2007/12/20 2:0 a.m.58 views

CVE-2007-5584

CVE-2007-5584 affects Cisco Firewall Services Module (FWSM) running software version 3.2(3) . A vulnerability in the control-plane path data handling within the Layer 7 Application Inspection module can be triggered by normal traffic, causing the FWSM to reload and leading to a denial of service....

7.8CVSS6.4AI score0.01978EPSS
CVE
CVE
added 2006/05/09 10:0 a.m.57 views

CVE-2006-0515

CVE-2006-0515 affects Cisco PIX/ASA and Websense integration. Affected: Cisco PIX/ASA versions 7.1.x before 7.1(2) and 7.0.x before 7.0(5); PIX 6.3.x before 6.3.5(112); and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7) . Root cause: handling of HTTP requests when the GET method is split across m...

7.5CVSS6.9AI score0.08825EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.57 views

CVE-2007-0963

CVE-2007-0963 : Cisco Firewall Services Module (FWSM) 3.x prior to 3.1(3.3) is affected when logging at the debug level. The vulnerability allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of common protocols (e.g., TCP/UDP), triggering a reboot ...

7.8CVSS6.7AI score0.01619EPSS
CVE
CVE
added 2003/12/17 5:0 a.m.56 views

CVE-2003-1001

CVE-2003-1001 describes a buffer overflow in the Cisco Firewall Services Module (FWSM) used on Cisco Catalyst 6500 and 7600 series devices. The flaw allows remote attackers to trigger a denial of service (crash and reload) through HTTP authentication requests for TACACS+ or RADIUS. Multiple sourc...

5CVSS7.1AI score0.01378EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.56 views

CVE-2007-0967

Cisco FWSM (Firewall Services Module) 3.x prior to 3.1(3.1) is affected. The vulnerability arises from processing malformed SNMP requests, allowing remote attackers to trigger a denial-of-service resulting in a device reboot (network-based). The issue is exploitable remotely with no authenticatio...

7.8CVSS6.6AI score0.0167EPSS
CVE
CVE
added 2009/08/20 10:0 p.m.56 views

CVE-2009-0638

CVE-2009-0638 affects Cisco FWSM (Firewall Services Module) on Catalyst 6500 and 7600 platforms. The vulnerability arises when the device processes multiple crafted ICMP messages, causing a denial-of-service by stopping traffic forwarding or failing to process management/transit traffic. Affected...

7.8CVSS6.7AI score0.02853EPSS
CVE
CVE
added 2007/02/16 12:0 a.m.55 views

CVE-2007-0965

Cisco FWSM 3.x before 3.1(3.2) is affected. When authentication uses "aaa authentication match" or "aaa authentication include", remote attackers can cause a denial of service (device reboot) by sending a long HTTP request. The description and related metrics indicate a network-facing DoS impact,...

7.8CVSS6.9AI score0.01813EPSS
CVE
CVE
added 2010/08/06 7:31 p.m.55 views

CVE-2010-2819

The CVE-2010-2819 entry concerns the SunRPC inspection vulnerability in Cisco FWSM (Firewall Services Module) for Catalyst 6500 Series switches and 7600 Series routers. Affected software versions include 3.x and 4.x before specific fixed releases (3.1(17.2), 3.2(16.1), 4.0(10.1), 4.1(1.1)); explo...

7.8CVSS6.8AI score0.0122EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.54 views

CVE-2005-1517

The Cisco Firewall Services Module (FWSM) 2.3.1 and earlier is affected by a vulnerability where TCP packets can bypass access control lists (ACLs) when URL, FTP, or HTTPS filtering exceptions are used. This is documented in CVE-2005-1517 and referenced in Cisco’s security advisory and NVD record...

7.5CVSS6.6AI score0.01202EPSS
CVE
CVE
added 2013/04/16 10:0 a.m.54 views

CVE-2013-1193

CVE-2013-1193 affects Cisco ASA and Cisco FWSM SSH handling, where improper termination of SSH sessions allows an attacker to cause a denial of service by repeatedly opening SSH connections. Public docs confirm the issue and reference Cisco advisory Cisco-SA-20130412-CVE-2013-1193; some sources a...

5CVSS6.8AI score0.01233EPSS
CVE
CVE
added 2003/12/17 5:0 a.m.52 views

CVE-2003-1002

CVE-2003-1002 affects Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices. A remote attacker can trigger a denial of service by sending an SNMPv3 message when snmp-server is configured, causing a crash and reload. Exploitation details are not provided in the conne...

5CVSS6.8AI score0.01273EPSS
CVE
CVE
added 2007/10/18 9:0 p.m.49 views

CVE-2007-5571

Cisco Firewall Services Module (FWSM) 3.1(6) and 3.2(2) and earlier does not properly enforce edited ACLs, potentially allowing remote attackers to bypass network traffic restrictions. Affected component: ACL enforcement in FWSM. Root cause: misimplementation of edited ACL handling leading to byp...

6.8CVSS6.8AI score0.01764EPSS