CVE-2013-5512
https://notcve.org/view.php?id=CVE-2013-5512
Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID CSCud37992. Condición de carrera en la función HTTP Deep Packet Inspection (DPI) en Cisco Adaptive Security Appliance (ASA) Software 8.2.x anterior a 8.2(5.46), 8.3.x anterior a 8.3(2.39), 8.4.x anterior a 8.4(5.5), 8.5.x anterior a 8.5(1.18), 8.6.x anterior a 8.6(1.12), 8.7.x anterior a 8.7(1.4), 9.0.x anterior a 9.0(1.4), y 9.1.x anterior a 9.1(1.2), que en ciertas condiciones que implican la opción spoof-server o ActiveX o inspección de respuesta de Java, permite a atacantes remotos provocar una denegación de servicio (recarga dispositivo) a través de una respuesta HTTP manipulada, también conocido como Bug ID CSCud37992. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5512 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2013-5508
https://notcve.org/view.php?id=CVE-2013-5508
The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6), 9.0.x before 9.0(2.10), and 9.1.x before 9.1(2) and Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(27) and 4.x before 4.1(14) allows remote attackers to cause a denial of service (device reload) via crafted segmented Transparent Network Substrate (TNS) packets, aka Bug ID CSCub98434. El motor de SQL*Net inspection en Cisco Adaptive Security Appliance (ASA) 7.x anteriores a 7.2(5.12), 8.x anteriores a 8.2(5.44), 8.3.x anteriores a 8.3(2.39), 8.4.x anteriores a 8.4(6), 8.5.x anteriores a 8.5(1.18), 8.6.x anteriores a 8.6(1.12), 8.7.x anteriores a 8.7(1.6), 9.0.x anteriores a 9.0(2.10) y 9.1.x anteriores a 9.1(2) y Firewall Services Modue (FWSM) 3.1.x y 3.2.x anteriores a 3.2(27) y 4.x anteriores a 4.1(14) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes segmentados Transparent Network Substrate (TNS) manipulados, tambien conocido como Bug ID CSCub98434. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-fwsm http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5508 • CWE-20: Improper Input Validation •
CVE-2013-3415
https://notcve.org/view.php?id=CVE-2013-3415
Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737. Cisco Adaptive Security Appliance (ASA) Software 8.4.x anteriores a 8.4(3) y 8.6.x aanteriores 8.6(1.3) no maneja apropiadamente la memorua hasta la desconexión de un cliente VPN AnyConnect SSL, lo que permite a atacantes remotos causar una denegación de servicio (consumo de memoria, y corte de redirección o cuelgue de sistema) a través de paquetes a la dirección IP de la máquina desconectada, tambien conocido como Bug ID CSCtt36737. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3415 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-5515
https://notcve.org/view.php?id=CVE-2013-5515
The Clientless SSL VPN feature in Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.7), 8.6.x before 8.6(1.12), 9.0.x before 9.0(2.6), and 9.1.x before 9.1(1.7) allows remote attackers to cause a denial of service (device reload) via crafted HTTPS requests, aka Bug ID CSCua22709. La función de Clientless SSL VPN de Cisco Adaptive Security Appliance (ASA) Software 8.x anteiror a 8,2 (5,44), 8.3.x anterior a 8,3 (2,39), 8.4.x anterior a 8,4 (5,7), 8.6.x anterior a 8.6 (1.12), 9.0.x anterior a 9,0 (2,6), y 9.1.x anterior a 9,1 (1,7) permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de peticiones HTTPS mannipuladas, también conocido como Bug ID CSCua22709. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5515 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-1149
https://notcve.org/view.php?id=CVE-2013-1149
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. Cisco Adaptive Security Appliances (ASA) los dispositivos con v7.x de software antes de v7.2(5.10) v8.0, antes de v8.0(5.28), v8.1 y v8.2 antes de v8.2(5.35), v8.3 antes de v8.3(2.34), v8.4 antes de v8.4(4.11), v8.6 antes de v8.6(1.10), y v8.7 antes de v8.7(1.3), y Cisco Firewall Services Module (FWSM) software v3.1 y v3.2 antes de v3.2(24.1) y v4.0 y v401 antes de v4.1(11.1), permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un elaborado IKEv1 mensaje, también conocido como Bug ID CSCub85692 y CSCud20267. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm •