CVSS: 9.3EPSS: 2%CPEs: 89EXPL: 0CVE-2012-0358
https://notcve.org/view.php?id=CVE-2012-0358
Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165. Desbordamiento de búfer en el puerto de Cisco Forwarder control ActiveX en cscopf.ocx, ya que distribuyen a través de la función Clientless VPN de Cisco Adaptive Security Appliances (ASA) 5500 dispositivos de la serie con el software v7.0 a v7.2 antes de v7.2 (5.6), v8.0 antes de v8.0 (5.26), v8.1 antes de v8.1 (2.53), v8.2 antes de v8.2 (5.18), v8.3 antes de v8.3 (2.28), v8.2 antes de v8.4 (2.16), y v8.6 antes de v8.6 (1.1), permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, también conocido como Bug ID CSCtr00165. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient http://www.kb.cert.org/vuls/id/339177 http://www.securitytracker.com/id?1026799 https://exchange.xforce.ibmcloud.com/vulnerabilities/74027 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 74EXPL: 0CVE-2011-2060
https://notcve.org/view.php?id=CVE-2011-2060
The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted description, aka Bug ID CSCtq50523. El componente plataform-sw en dispositivos Cisco Adaptive Security Appliances (ASA) 5500 con el software v8.2 anterior a v8.2(5.3), v8.3 anterior a v8.3(2.20), y v8.4 anteriores a v8.4(2.1) no controla correctamente los caracteres no-ASCII en la descripción de interfaz, que permite a usuarios locales provocar una denegación de servicio (recarga sin configuración) a través de una descripción manipulada, también conocido como Bug ID CSCtq50523. • http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 0CVE-2011-3302
https://notcve.org/view.php?id=CVE-2011-3302
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92398 and CSCtq09989. Dispositivos de las series Cisco Adaptive Security Appliances (ASA ) 5500, y el módulo de ASA en dispositivos de la serie Cisco Catalyst 6500, con el software v7.0 anteriores a v7.0(8.13), v7.1 y v7.2 anteriores a v7.2(5.4), v8.0 anteriores a v8.0(5.25), v8.1 y v8.2 anteriores a v8.2(5.11), v8.3 anteriores a v8.3(2.23), v8.4 anteriores a v8.4(2.6), y v8.5 anteriores a v8.5(1.1) y Cisco Firewall Services Module (también conocido como FWSM) v3.1 anteriores a v3.1(21), v3.2 anteriores a v3.2(22), v4.0 anteriores a v4.0(16), y v4.1 anteriores a v4.1(7) permite a atacantes remotos causar una denegación de servicio (reinicio del dispositivo) a través del tráfico SunRPC manipulado, también conocido como Bug IDs CSCto92398 y CSCtq09989. • http://osvdb.org/76089 http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/70333 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 0CVE-2011-3299
https://notcve.org/view.php?id=CVE-2011-3299
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92380 and CSCtq09972. Dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series, y el módulo ASA Services de Cisco Catalyst 6500 series, con software 7.0 anteriores a 7.0(8.13), 7.1 y 7.2 anteriores a 7.2(5.4), 8.0 anteriores a 8.0(5.25), 8.1 y 8.2 anteriores a 8.2(5.11), 8.3 anteriores a 8.3(2.23), 8.4 anteriores a 8.4(2.6), y 8.5 anteriores a 8.5(1.1) y Cisco Firewall Services Module (aka FWSM) 3.1 anteriores a 3.1(21), 3.2 anteriores a 3.2(22), 4.0 anteriores a 4.0(16), y 4.1 anteriores a 4.1(7) permiten a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de tráfico SunRPC modificado. También conocido como Bug IDs CSCto92380 and CSCtq09972. • http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/70330 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 141EXPL: 0CVE-2011-3300
https://notcve.org/view.php?id=CVE-2011-3300
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06065 and CSCtq09978. Dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series, y el módulo ASA Services de Cisco Catalyst 6500 series, con software 7.0 anteriores a 7.0(8.13), 7.1 y 7.2 anteriores a 7.2(5.4), 8.0 anteriores a 8.0(5.25), 8.1 y 8.2 anteriores a 8.2(5.11), 8.3 anteriores a 8.3(2.23), 8.4 anteriores a 8.4(2.6), y 8.5 anteriores a 8.5(1.1) y Cisco Firewall Services Module (aka FWSM) 3.1 anteriores a 3.1(21), 3.2 anteriores a 3.2(22), 4.0 anteriores a 4.0(16), y 4.1 anteriores a 4.1(7) permiten a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de tráfico SunRPC modificado. También conocido como Bug IDs CSCtq06065 and CSCtq09978. • http://osvdb.org/76087 http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/70331 • CWE-399: Resource Management Errors •