CVE-2012-0358
https://notcve.org/view.php?id=CVE-2012-0358
Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165. Desbordamiento de búfer en el puerto de Cisco Forwarder control ActiveX en cscopf.ocx, ya que distribuyen a través de la función Clientless VPN de Cisco Adaptive Security Appliances (ASA) 5500 dispositivos de la serie con el software v7.0 a v7.2 antes de v7.2 (5.6), v8.0 antes de v8.0 (5.26), v8.1 antes de v8.1 (2.53), v8.2 antes de v8.2 (5.18), v8.3 antes de v8.3 (2.28), v8.2 antes de v8.4 (2.16), y v8.6 antes de v8.6 (1.1), permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, también conocido como Bug ID CSCtr00165. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient http://www.kb.cert.org/vuls/id/339177 http://www.securitytracker.com/id?1026799 https://exchange.xforce.ibmcloud.com/vulnerabilities/74027 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-0354
https://notcve.org/view.php?id=CVE-2012-0354
The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1) allows remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger a shun event, aka Bug ID CSCtw35765. La función de detección de amenazas de dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500, y el ASA Services Module (ASASM) en dispositivos Cisco Catalyst 6500, con el software v8.0 a v8.2 antes de v8.2 (5.20), v8.3 antes de v8.3 (2.29), v8.4 antes de v8.4 (3), v8.5 antes de v8.5 (1.6), y v8.6 antes de v8.6 (1.1) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes (1) IPv4 o (2) IPv6 que desencadenan un evento shun, también conocido como Bug ID CSCtw35765. • http://osvdb.org/80044 http://secunia.com/advisories/48423 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa http://www.securityfocus.com/bid/52489 http://www.securitytracker.com/id?1026800 https://exchange.xforce.ibmcloud.com/vulnerabilities/74030 • CWE-20: Improper Input Validation •
CVE-2012-0355
https://notcve.org/view.php?id=CVE-2012-0355
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634. Cisco Adaptive Security Appliances (ASA) 5500 Dispositivos de la serie, y el módulo de servicios de ASA (ASASM) en dispositivos cisco Catalyst 6500, con el software v8.4 antes v8.4 (2.11) y v8.5 los antes de v8.5 (1.4) permite una atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes (1) IPv4 o (2) IPv6 que disparan el mensaje syslog 305006, también conocido como Bug ID CSCts39634. • http://osvdb.org/80045 http://secunia.com/advisories/48423 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa http://www.securityfocus.com/bid/52488 http://www.securitytracker.com/id?1026800 • CWE-20: Improper Input Validation •
CVE-2012-0353
https://notcve.org/view.php?id=CVE-2012-0353
The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441. El motor de inspección UDP de dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500, y el ASA Services Module (ASASM) en dispositivos Cisco Catalyst 6500, con el software v8.0 a v8.2 antes de v8.2 (5.20), v8.3 antes de v8.3 (2.29), v8.4 antes de v8.4 (3), v8.5 antes de v8.5 (1.6), y v8.6 antes de v8.6 (1.1) permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes UDP (1) IPv4 o (2) IPv6 manipulados, también conocido como Bug ID CSCtq10441. • http://osvdb.org/80043 http://secunia.com/advisories/48423 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa http://www.securityfocus.com/bid/52484 http://www.securitytracker.com/id?1026800 https://exchange.xforce.ibmcloud.com/vulnerabilities/74029 • CWE-20: Improper Input Validation •
CVE-2012-0356
https://notcve.org/view.php?id=CVE-2012-0356
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367. Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 y el Módulo de Servicios de ASA (ASASM) en dispositivos Cisco Catalyst 6500, con el software v7.0 a v7.2 antes de v7.2 (5.7), v8.0 antes de v8.0 (5.27), v8.1 antes de v8.1 (2.53) , v8.2 antes de v8.2 (5.8), v8.3 antes de v8.3 (2.25), v8.4 antes de v8.4 (2.5), y v8.5 antes de v8.5 (1.2) y el Firewall Services Module (FWSM) v3.1 y v3.2 antes de v3.2 (23) y v4.0 y v4.1 antes de v4.1 (8) en los dispositivos Cisco Catalyst 6500, cuando está habilitado el enrutamiento multicast, permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un mensaje IPv4 PIM modificado, también conocido como Bug ID CSCtr47517 y CSCtu97367. • http://osvdb.org/80041 http://secunia.com/advisories/48421 http://secunia.com/advisories/48423 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-fwsm http://www.securitytracker.com/id?1026798 http://www.securitytracker.com/id?1026800 https://exchange.xforce.ibmcloud.com/vulnerabilities/74028 • CWE-20: Improper Input Validation •