Lucene search
K

14 matches found

CVE
CVE
added 2005/11/23 12:0 a.m.74 views

CVE-2005-3774

CVE-2005-3774 affects Cisco PIX firewall versions 6.3 and 7.0. Remote attackers can cause a denial of service by sending spoofed TCP packets that generate embryonic connections that never complete. Details include (1) SYN packets with invalid checksums, (2) one byte of meaningless data, or (3) a ...

5CVSS6.7AI score0.18207EPSS
CVE
CVE
added 2009/04/09 3:0 p.m.63 views

CVE-2009-1160

Cisco ASA 5500 Series and PIX Security Appliances are affected by CVE-2009-1160 due to improper implementation of the implicit deny at the end of ACLs, allowing remote attackers to bypass access restrictions. The advisory covers multiple vulnerabilities, with the specific ACL bypass (Bug CSCsq912...

4.3CVSS6.8AI score0.0114EPSS
CVE
CVE
added 2009/04/09 3:0 p.m.61 views

CVE-2009-1157

CVE-2009-1157 refers to a memory leak DoS on Cisco ASA 5500 Series and Cisco PIX after receiving crafted TCP packets. Affected software includes 7.x, 8.0, and 8.1 releases with memory exhaustion or device reload as the impact. The Cisco advisory assigns fixed releases: 7.2(4)30 (and 7.2 family), ...

7.8CVSS6.7AI score0.0266EPSS
CVE
CVE
added 2008/10/23 9:0 p.m.60 views

CVE-2008-3815

CVE-2008-3815 affects Cisco ASA/PIX devices (5500 series) when VPNs are configured with Windows NT Domain authentication. The vulnerability allows remote attackers to bypass VPN authentication via unknown vectors. Affected software versions and first fixed releases are: 7.0 before 7.0(8)3; 7.1 be...

4.3CVSS6.7AI score0.01547EPSS
CVE
CVE
added 2009/04/09 3:0 p.m.60 views

CVE-2009-1159

CVE-2009-1159 affects Cisco ASA 5500 Series and Cisco PIX Security Appliances; SQLNet inspection vulnerability can cause device reload via a series of SQL Net packets. Affected software versions: 7.2 (before 7.2(4)26), 8.0 (before 8.0(4)22), 8.1 (before 8.1(2)12). Exploitation requires a TCP thre...

7.8CVSS6.7AI score0.01916EPSS
CVE
CVE
added 2007/05/02 10:0 p.m.58 views

CVE-2007-2462

CVE-2007-2462 affects Cisco ASA and PIX firewalls (ASA/PIX) running 7.2 prior to 7.2(2)8. The vulnerability allows remote attackers to bypass LDAP authentication and gain privileges when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, via unspecified vectors. Connected source...

10CVSS7.2AI score0.06451EPSS
CVE
CVE
added 2009/04/09 3:0 p.m.57 views

CVE-2009-1155

Cisco ASA 5500 Series and Cisco PIX Security Appliances are affected by CVE-2009-1155. When the override-account-disable feature is enabled in tunnel-group general-attributes, remote attackers can bypass authentication and establish a VPN session to the ASA/PIX via unspecified vectors. Affected s...

7.8CVSS7AI score0.0188EPSS
CVE
CVE
added 2007/05/02 10:0 p.m.56 views

CVE-2007-2461

The CVE affects Cisco ASA and PIX devices running ASA/PIX software 7.2(1)–7.2(2.14). The vulnerability is triggered by certain DHCP packets in a multi-DHCP-server environment, causing the DHCP relay agent to leak memory and the device to drop traffic (DoS). Cisco has confirmed the issue and relea...

7.8CVSS6.6AI score0.04372EPSS
CVE
CVE
added 2007/05/02 10:0 p.m.55 views

CVE-2007-2464

Cisco ASA/PIX race condition (CVE-2007-2464) affects ASA and PIX (versions 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19) when using clientless SSL VPNs, allowing remote attackers to trigger a denial of service (device reload) via non-standard SSL sessions. The fault is a race condition in handling...

7.1CVSS6.6AI score0.02942EPSS
CVE
CVE
added 2009/04/09 3:0 p.m.54 views

CVE-2009-1156

CVE-2009-1156 affects Cisco ASA 5500 Series devices running 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15 when SSL VPN or ASDM is configured. A crafted SSL or HTTP packet can cause a denial of service resulting in a device reload. Fixed releases are 8.0(4)28+ and 8.1(2)19+, respectively (earlier fi...

5.7CVSS6.8AI score0.00742EPSS
CVE
CVE
added 2009/04/09 3:0 p.m.54 views

CVE-2009-1158

Cisco ASA/PIX 5500 Series are affected by CVE-2009-1158 due to crafted H.323 packets causing device reloads when H.323 inspection is enabled. The vulnerability affects ASA/PIX software versions 7.0 up to 8.1 before specific fixed releases. The Security Advisory documents the first fixed releases ...

7.8CVSS6.7AI score0.01916EPSS
CVE
CVE
added 2007/05/02 10:0 p.m.52 views

CVE-2007-2463

Cisco ASA/PIX vulnerabilities (CVE-2007-2463) affect ASA and PIX releases: 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17. Remote attackers can cause a denial of service (device reload) via VPN termination and password expiry issues. Mitigation: upgrade to 7.1(2)49 or later for 7.1 line, and to 7.2(...

7.8CVSS6.7AI score0.02877EPSS
CVE
CVE
added 2008/09/04 4:0 p.m.49 views

CVE-2008-2733

CVE-2008-2733 affects Cisco PIX/ASA 5500 series when configured as a client VPN endpoint, allowing a remote attacker to cause a device reload (denial of service) via crafted IPSec client authentication. Affected software includes 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4. Ci...

7.1CVSS6.8AI score0.03193EPSS
CVE
CVE
added 2008/09/04 4:0 p.m.41 views

CVE-2008-2732

CVE-2008-2732 covers multiple erroneous SIP processing vulnerabilities in Cisco PIX and ASA (5500 series) that may cause device reloads via SIP inspection. Affected software versions include Cisco PIX/ASA releases prior to 7.0(7)16, 7.1 prior to 7.1(2)71, 7.2 prior to 7.2(4)7, 8.0 prior to 8.0(3)...

7.8CVSS6.9AI score0.03419EPSS