17 results (0.039 seconds)

CVSS: 5.8EPSS: 0%CPEs: 566EXPL: 0

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. La implementación OSFPF en Cisco IOS v12.0 hasta la v 12.4 y v15.0 hasta v15.3, IOS-XE v2.x hasta la v3.9.xS, ASA y PIX 7.x hasta la v9.1, FWSM, NX-OS, y StarOS anterior a v14.0.50488 no valida correctamente los paquetes Link State Advertisement (LSA) tipo 1 antes de realizar operaciones en la base de datos LSA, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción del enrutamiento) u obtener información sensible a través de un paquete (1) unicast o (2) un paquete de multidifusión, también conocido como Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, y CSCug39795. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf http://www.kb.cert.org/vuls/id/229804 •

CVSS: 7.8EPSS: 2%CPEs: 95EXPL: 0

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v7.0 anterior a v7.0(8.11), v7.1 y v7.2 anterior a v7.2(5.1), v8.0 anterior a v8.0 (5.19), v8.1 anterior a v8.1 (2.47), v8.2 anterior a v8.2 (2.19), y v8.3 anterior a v8.3 (1.8); dispositivos Cisco PIX Security Appliances Serie 500; y Cisco Firewall Services Module (también conocido como FWSM) v3.1 anterior a v3.1 (20), v3.2 anterior a v3.2 (20), v4.0 anterior a v4.0 (15), y v4.1 anterior a v4.1(5) permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un mensaje Skinny Client Control Protocol (SCCP) manipulado, también conocido como error ID CSCtg69457 y CSCtl84952. • http://secunia.com/advisories/43453 http://secunia.com/advisories/43488 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml http://www.securityfocus.com/bid/46518 http://www.securitytracker.com/id?1025108 http://www.securitytracker.com/id?1025109 http://www.vupen.com/english/advisories/2011/0493 http://www.vupen.com/english/advisories/2011/0494 https://exchange.xforce.ibmcloud • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 65EXPL: 0

Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507. Vulnerabilidad no especificada en la implementación de Cisco Adaptive Security Appliances (ASA) para dispositivos de la serie 5500 con software v7.0 anteriores a v7.0(8.11), v7.1 y v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.15), v8.1 anteriores a v8.1(2.44), v8.2 anteriores a v8.2(2.10), y v8.3 anteriores a v8.3(1.1) y Cisco PIX Security Appliances para dispositivos de la serie 500, permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) mediante un mensajes IKE manipulados, también conocido como Bug ID CSCte46507. • http://secunia.com/advisories/40842 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml http://www.securityfocus.com/bid/42190 •

CVSS: 7.1EPSS: 1%CPEs: 6EXPL: 0

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet. Hay una vulnerabilidad no especificada en PIX 500 Series Security Appliance y 5500 Series Adaptive Security Appliance (ASA) de Cisco anterior a las versiones 7.2 (3) 6 y 8.0 (3), cuando la función de decremento de Time-to-Live (TTL) está habilitada, permite que los atacantes remotos causen una denegación de servicio (recarga del dispositivo) por medio de un paquete IP creado. • http://secunia.com/advisories/28625 http://www.cisco.com/warp/public/707/cisco-sa-20080123-asa.shtml http://www.securityfocus.com/bid/27418 http://www.securitytracker.com/id?1019262 http://www.securitytracker.com/id?1019263 http://www.vupen.com/english/advisories/2008/0259 https://exchange.xforce.ibmcloud.com/vulnerabilities/39862 •

CVSS: 5.0EPSS: 5%CPEs: 138EXPL: 0

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IOS, VPN 3000 Concentrators, y PIX firewalls, permite a atacantes remotos provocar denegación de servicio (agotamiento de recursos) a través de un flood de paquetes IKE Phase-1 que exceden el ratio de expiración de la sesión. NOTA: se ha indicado que esto es debido a un diseño debil del protocolo IKe version 1, en cuyo caso otros vendedores e implementaciones podrían verse afectados. • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html http://securityreason.com/securityalert/1293 http://securitytracker.com/id?1016582 http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html http://www.osvdb.org/29068 http://www.securityfocus.com/archive/1/441203/100/0/threaded http://www.securityfocus.com/bid/19176 https://exchange.xforce.ibmcloud.com/vulnerabilities& •