NotCVE - vendor:"Cisco" product:"Adaptive Security Appliance Software" version:" >= 8.2

Page 17 of 166 results (0.013 seconds)

CVSS: 9.0EPSS: 0%CPEs: 58EXPL: 0

CVE-2010-4675

https://notcve.org/view.php?id=CVE-2010-4675

07 Jan 2011 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the "lowest security level interface," aka Bug ID CSCsv40504. Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no determinan apropiadamente los interfaces para los que las conexio... • http://secunia.com/advisories/42931 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 1%CPEs: 58EXPL: 0

CVE-2009-5037

https://notcve.org/view.php?id=CVE-2009-5037

07 Jan 2011 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM syslog outage) via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911. Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) permiten a atacantes remotos provocar una denegación de servicio (caída del syslog ASDM) a través de una URL extensa. También conocido como Bug IDs CSCsm11264 y CSCtb92911. • http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0

CVE-2010-4679

https://notcve.org/view.php?id=CVE-2010-4679

07 Jan 2011 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816. Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no manejan apropiadamente los fallos de conexión de OCSP ("Online Certificate Status Proto... • http://secunia.com/advisories/42931 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 3%CPEs: 60EXPL: 3

CVE-2010-4670

https://notcve.org/view.php?id=CVE-2010-4670

07 Jan 2011 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526. La implantación del protocolo "Neighb... • http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html • CWE-399: Resource Management Errors •

CVSS: 9.1EPSS: 1%CPEs: 58EXPL: 0

CVE-2010-4681

https://notcve.org/view.php?id=CVE-2010-4681

07 Jan 2011 — Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to bypass SMTP inspection via vectors involving a prepended space character, aka Bug ID CSCte14901. Vulnerabilidad sin especificar en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3). Permite a atacantes remotos evitar la inspección de SMTP a través de vectores que involucran un carácter de espacio añadido al inicio.... • http://secunia.com/advisories/42931 •

CVSS: 6.1EPSS: 1%CPEs: 5EXPL: 3

CVE-2010-0440 – Cisco Secure Desktop 3.x - 'translation' Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-0440

03 Feb 2010 — Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not properly handled by an eval statement in binary/mainv.js that writes to start.html. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en +CSCOT+/translation en Cisco Secure Desktop v3.4.2048, y... • https://www.exploit-db.com/exploits/33567 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...15 16 17