17 matches found
CVE-2011-0396
CVE-2011-0396 affects Cisco ASA 5500 Series devices with ASA software versions 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13). When a Certificate Authority (CA) is configured, remote attackers could read arbitrary files via unspecified vectors. This vuln...
CVE-2010-0149
CVE-2010-0149 affects Cisco ASA 5500 Series (and Cisco PIX 500) where remote attackers can trigger a TCP connection exhaustion DoS by sending crafted TCP segments during connection termination, leaving connections in CLOSEWAIT. Root cause is specific TCP segments that bypass normal termination ha...
CVE-2010-2816
CVE-2010-2816 is a Cisco ASA 5500 Series DoS vulnerability in the SIP inspection feature. An unauthenticated, network-scoped attacker can trigger a device reload by sending crafted SIP packets. Affected software versions are ASA 5500 Series with 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2...
CVE-2011-0394
The CVE-2011-0394 issue affects Cisco ASA 5500 series (software 7.0 before 7.0(8.11); 7.1/7.2 before 7.2(5.1); 8.0 before 8.0(5.19); 8.1 before 8.1(2.47); 8.2 before 8.2(2.19); 8.3 before 8.3(1.8)); Cisco PIX 500 series; and Cisco FWSM 3.1/3.2/4.0/4.1. It allows remote attackers to cause a device...
CVE-2011-0393
Cisco ASA 5500 Series and PIX 500 devices in transparent firewall mode (with IPv6 disabled) are affected by CVE-2011-0393 due to packet buffer exhaustion when IPv6 traffic is processed. Cisco bug CSCtj04707 describes this condition. Exploitation could cause a denial of service (packet buffers dep...
CVE-2010-0568
CVE-2010-0568 describes an NTLMv1 authentication bypass vulnerability affecting Cisco ASA 5500 Series (and PIX 500 Series) where a crafted username can bypass NTLMv1 authentication. The issue is documented in Cisco’s advisory with multiple related vulnerabilities; for NTLMv1 specifically, fixed s...
CVE-2010-2815
CVE-2010-2815 affects Cisco ASA 5500 Series and PIX 500 series TLS/SSL processing. A DoS can be triggered by a sequence of crafted TLS packets, causing a device reload. Affected software versions and fixed releases are documented in Cisco PSIRT: upgrade to 7.2(5) or later for 7.2.x, 8.0(5.15) or ...
CVE-2010-0566
Cisco ASA 5500 Series Vulnerability (CVE-2010-0566): a crafted TCP segment can trigger a reload/DoS when a nailed static NAT and the inline Cisco AIP-SSM are used. Affected: ASA 7.0.x, 7.1.x, 7.2.x, 8.0.x, 8.1.x, 8.2.x. First fixed releases: 7.2(4.45), 8.0(4.44), 8.1(2.35), 8.2(1.10). Mitigation:...
CVE-2010-0567
CVE-2010-0567 affects Cisco ASA 5500 Series and Cisco PIX 500 Series. A vulnerability in processing malformed IKE messages through an existing IPsec tunnel to UDP port 4500 can cause denial of service by tearing down all IPsec tunnels terminating on the device and prevent new tunnels from being e...
CVE-2011-0395
Cisco ASA 5500 Series devices are affected by CVE-2011-0395 when RIP is enabled together with the Cisco Phone Proxy feature. The issue allows remote attackers to trigger a denial of service (device reload) via crafted RIP updates. Affected software versions include 8.0 before 8.0(5.20), 8.1 befor...
CVE-2010-2814
CVE-2010-2814 affects Cisco ASA 5500 Series (and PIX 500) TLS implementation. A sequence of crafted TLS packets can trigger a denial of service, causing the device to reload (unavailability). Reported as Bug CSCtf37506. Affected software and fixed releases per sources: 7.2.x before 7.2(5) → upgra...
CVE-2010-2817
CVE-2010-2817 concerns an unspecified DoS vulnerability in the IKE implementation of Cisco ASA 5500-series devices (and Cisco PIX 500-series) that can cause a device reload via a crafted IKE message. Connected documents confirm affected software ranges and fixed versions: ASA 7.0 up to 7.0(8.11);...
CVE-2010-4354
The CVE covers a vulnerability in Cisco VPN products where remote attackers could enumerate valid VPN group names by sending an IKE Aggressive Mode packet with the group name in the ID field. Affected devices include ASA 5500 series, PIX 500 series, and VPN Concentrators 3000 series. Root cause i...
CVE-2007-5569
Cisco PIX/ASA appliances running 7.1–7.2 are affected by a denial-of-service that can cause a device reload when processing MGCP or TLS traffic. The issue manifests when handling crafted packets to the appliance, with the root cause described as a flaw in processing certain MGCP/TLS data sequence...
CVE-2010-0569
CVE-2010-0569 is a Cisco ASA 5500 Series SIP Inspection DoS vulnerability. A malformed SIP message can trigger a reload of the appliance, affecting ASA versions 7.x, 8.0.x, 8.1.x and 8.2.x (including PIX 500). The Cisco advisory CSCsa-20100217-asa lists affected bug IDs CSCtc96018 among others an...
CVE-2010-0565
Cisco ASA 5500 Series is affected by CVE-2010-0565 via a WebVPN DTLS Denial of Service vulnerability. A malformed DTLS message sent to the DTLS port (default UDP 443) can cause a page fault and device reload when WebVPN and DTLS are enabled. Affected software versions include 7.2.x before 7.2(4.4...
CVE-2010-0150
CVE-2010-0150 affects Cisco ASA 5500 Series and Cisco PIX 500 Series, where malformed SIP messages sent to transit traffic can trigger a denial-of-service that reloads the device when SIP inspection is enabled. Cisco’s advisory ties this to two SIP-inspection DoS bugs (CSCsy91157 and CSCtc96018) ...