19 results (0.012 seconds)

CVSS: 7.8EPSS: 2%CPEs: 16EXPL: 0

The Cisco Firewall Services Module (FWSM) 2.x, 3.1 before 3.1(16), 3.2 before 3.2(13), and 4.0 before 4.0(6) for Cisco Catalyst 6500 switches and Cisco 7600 routers allows remote attackers to cause a denial of service (traffic-handling outage) via a series of malformed ICMP messages. Cisco Firewall Services Module (FWSM) 2.x, 3.1 antes de 3.1(16), 3.2 antes de 3.2(13)y 4.0 antes de 4.0(6) para los switches Cisco Catalyst 6500 y los routers Cisco 7600 permite a atacantes remotos provocar una denegación de servicio (parada de la gestión del tráfico) mediante una serie de mensajes ICMP malformados. • http://secunia.com/advisories/36373 http://securitytracker.com/id?1022747 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af0d1d.shtml http://www.securityfocus.com/bid/36085 http://www.vupen.com/english/advisories/2009/2329 https://exchange.xforce.ibmcloud.com/vulnerabilities/52591 •

CVSS: 6.8EPSS: 4%CPEs: 2EXPL: 0

Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, does not properly enforce edited ACLs, which might allow remote attackers to bypass intended restrictions on network traffic, aka CSCsj52536. Cisco Firewall Services Module (FWSM) 3.1(6), y 3.2(2) y anteriores, no aplica correctamente la edición de ACLs, lo cual podría permitir a atacantes remotos evitar restricciones intencionadas sobre el tráfico de red, también conocido como CSCsj52536. • http://secunia.com/advisories/27236 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml http://www.securityfocus.com/bid/26109 http://www.securitytracker.com/id?1018825 http://www.vupen.com/english/advisories/2007/3530 https://exchange.xforce.ibmcloud.com/vulnerabilities/37258 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cause a denial of service (device reload) via a crafted HTTPS request, aka CSCsi77844. Cisco Firewall Services Module (FWSM) 3.2(1), y 3.1(5) y anteriores, permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de una respuesta HTTPS manipulada, también conocido como CSCsi77844. • http://secunia.com/advisories/27236 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml http://www.securityfocus.com/bid/26109 http://www.securitytracker.com/id?1018825 http://www.vupen.com/english/advisories/2007/3530 https://exchange.xforce.ibmcloud.com/vulnerabilities/37251 • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 13%CPEs: 25EXPL: 0

Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM). Cisco PIX y ASA appliances con software 7.0 hasta 8.0, y Cisco Firewall Services Module (FWSM) 3.1(5) y anteriores, permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de un paquete manipulado MGCP, también conocido como CSCsi90468 (appliance) y CSCsi00694 (FWSM). • http://secunia.com/advisories/27193 http://secunia.com/advisories/27236 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml http://www.securityfocus.com/bid/26104 http://www.securityfocus.com/bid/26109 http://www.securitytracker.com/id?1018825 http://www.securitytracker.com/id?1018826 http://www.securitytracker.com/id?1018827 http://www.vupen.com/english/advisories/2007/3530 h • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request. Cisco FWSM 3.x versiones anteriores a 3.1(3.2), cuando la autenticación esta configurada para usar "aaa authentication match" ó "aaa authentication include", permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) mediante una petición HTTP larga. • http://secunia.com/advisories/24172 http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml http://www.securityfocus.com/bid/22561 http://www.vupen.com/english/advisories/2007/0609 •