10 matches found
CVE-2011-0396
CVE-2011-0396 affects Cisco ASA 5500 Series devices with ASA software versions 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13). When a Certificate Authority (CA) is configured, remote attackers could read arbitrary files via unspecified vectors. This vuln...
CVE-2005-4499
CVE-2005-4499 affects Cisco PIX and VPN 3000 concentrators via the Downloadable RADIUS ACLs feature. When an ACL is created on CS ACS, the system generates a random internal name that doubles as a hidden username and password, enabling a remote attacker to sniff the cleartext username from a RADI...
CVE-2010-2816
CVE-2010-2816 is a Cisco ASA 5500 Series DoS vulnerability in the SIP inspection feature. An unauthenticated, network-scoped attacker can trigger a device reload by sending crafted SIP packets. Affected software versions are ASA 5500 Series with 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2...
CVE-2006-4194
CVE-2006-4032 (Cisco IOS CME) and CVE-2006-4194 involve an unspecified vulnerability in Cisco products (CME and PIX 500) where remote attackers can access sensitive information (e.g., SIP user directory usernames) through SIP-related messages or fixups. The description notes the vendor could not ...
CVE-2006-3906
CVE-2006-3906 describes a DoS in the IKEv1 implementation on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls. The root cause is improper handling of large volumes of IKE Phase-1 requests, leading to resource exhaustion and degraded availability. Exploitation is possible without valid credent...
CVE-2010-2815
CVE-2010-2815 affects Cisco ASA 5500 Series and PIX 500 series TLS/SSL processing. A DoS can be triggered by a sequence of crafted TLS packets, causing a device reload. Affected software versions and fixed releases are documented in Cisco PSIRT: upgrade to 7.2(5) or later for 7.2.x, 8.0(5.15) or ...
CVE-2010-2817
CVE-2010-2817 concerns an unspecified DoS vulnerability in the IKE implementation of Cisco ASA 5500-series devices (and Cisco PIX 500-series) that can cause a device reload via a crafted IKE message. Connected documents confirm affected software ranges and fixed versions: ASA 7.0 up to 7.0(8.11);...
CVE-2011-0395
Cisco ASA 5500 Series devices are affected by CVE-2011-0395 when RIP is enabled together with the Cisco Phone Proxy feature. The issue allows remote attackers to trigger a denial of service (device reload) via crafted RIP updates. Affected software versions include 8.0 before 8.0(5.20), 8.1 befor...
CVE-2006-4312
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances are affected when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and FWSM 3.1(x) up to 3.1(1.6). The vulnerability causes the EXEC password, local user passwords, and the enable password to be change...
CVE-2010-2814
CVE-2010-2814 affects Cisco ASA 5500 Series (and PIX 500) TLS implementation. A sequence of crafted TLS packets can trigger a denial of service, causing the device to reload (unavailability). Reported as Bug CSCtf37506. Affected software and fixed releases per sources: 7.2.x before 7.2(5) → upgra...