CVE-2017-3807 – Cisco ASA - WebVPN CIFS Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-3807
A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. • https://www.exploit-db.com/exploits/41369 http://www.securityfocus.com/bid/96161 http://www.securitytracker.com/id/1037797 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-6461
https://notcve.org/view.php?id=CVE-2016-6461
A vulnerability in the HTTP web-based management interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to inject arbitrary XML commands on the affected system. More Information: CSCva38556. Known Affected Releases: 9.1(6.10). Known Fixed Releases: 100.11(0.75) 100.15(0.137) 100.8(40.129) 96.2(0.95) 97.1(0.55) 97.1(12.7) 97.1(6.30). Una vulnerabilidad en la interfaz de gestión basada en web HTTP de el Cisco Adaptive Security Appliance (ASA) podría permitir a un atacante remoto no autenticado, inyectar comandos XML arbitrarios en el sistema afectado. • http://www.securityfocus.com/bid/94365 http://www.securitytracker.com/id/1037306 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asa • CWE-20: Improper Input Validation •
CVE-2016-6431
https://notcve.org/view.php?id=CVE-2016-6431
A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software before 9.6(1.5) could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker could exploit this vulnerability by sending a crafted enrollment request to the affected system. An exploit could allow the attacker to cause the reload of the affected system. Note: Only HTTPS packets directed to the Cisco ASA interface, where the local CA is allowing user enrollment, can be used to trigger this vulnerability. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-ca http://www.securityfocus.com/bid/93786 http://www.securitytracker.com/id/1037060 • CWE-20: Improper Input Validation •
CVE-2016-6432
https://notcve.org/view.php?id=CVE-2016-6432
A vulnerability in the Identity Firewall feature of Cisco ASA Software before 9.6(2.1) could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending a crafted NetBIOS packet in response to a NetBIOS probe sent by the ASA software. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or cause a reload of the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. • http://www.securityfocus.com/bid/93784 http://www.securitytracker.com/id/1037059 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-asa-idfw • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-6424
https://notcve.org/view.php?id=CVE-2016-6424
The DHCP Relay implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 and 9.1.7.4 allows remote attackers to cause a denial of service (interface wedge) via a crafted rate of DHCP packet transmission, aka Bug ID CSCuy66942. La implementación de DHCP Relay en Cisco Adaptive Security Appliance (ASA) Software 8.4.7.29 y 9.1.7.4 permite a atacantes remotos provocar una denegación de servicio (cuña de interfaz) a través un índice de transmisión de paquetes DHCP manipulado, vulnerabilidad también conocida como Bug ID CSCuy66942. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-asa-dhcp http://www.securityfocus.com/bid/93408 http://www.securitytracker.com/id/1036961 • CWE-399: Resource Management Errors •