4 matches found
CVE-2005-4499
CVE-2005-4499 affects Cisco PIX and VPN 3000 concentrators via the Downloadable RADIUS ACLs feature. When an ACL is created on CS ACS, the system generates a random internal name that doubles as a hidden username and password, enabling a remote attacker to sniff the cleartext username from a RADI...
CVE-2006-4194
CVE-2006-4032 (Cisco IOS CME) and CVE-2006-4194 involve an unspecified vulnerability in Cisco products (CME and PIX 500) where remote attackers can access sensitive information (e.g., SIP user directory usernames) through SIP-related messages or fixups. The description notes the vendor could not ...
CVE-2006-3906
CVE-2006-3906 describes a DoS in the IKEv1 implementation on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls. The root cause is improper handling of large volumes of IKE Phase-1 requests, leading to resource exhaustion and degraded availability. Exploitation is possible without valid credent...
CVE-2006-4312
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances are affected when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and FWSM 3.1(x) up to 3.1(1.6). The vulnerability causes the EXEC password, local user passwords, and the enable password to be change...