CVSS: 5.0EPSS: 5%CPEs: 138EXPL: 0CVE-2006-3906
https://notcve.org/view.php?id=CVE-2006-3906
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IOS, VPN 3000 Concentrators, y PIX firewalls, permite a atacantes remotos provocar denegación de servicio (agotamiento de recursos) a través de un flood de paquetes IKE Phase-1 que exceden el ratio de expiración de la sesión. NOTA: se ha indicado que esto es debido a un diseño debil del protocolo IKe version 1, en cuyo caso otros vendedores e implementaciones podrían verse afectados. • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html http://securityreason.com/securityalert/1293 http://securitytracker.com/id?1016582 http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html http://www.osvdb.org/29068 http://www.securityfocus.com/archive/1/441203/100/0/threaded http://www.securityfocus.com/bid/19176 https://exchange.xforce.ibmcloud.com/vulnerabilities& •
CVSS: 7.5EPSS: 33%CPEs: 66EXPL: 2CVE-2006-0515 – Cisco - WebSense Content Filtering Bypass
https://notcve.org/view.php?id=CVE-2006-0515
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. • https://www.exploit-db.com/exploits/27830 http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045899.html http://secunia.com/advisories/20044 http://securitytracker.com/id?1016039 http://securitytracker.com/id?1016040 http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/tsd_products_security_response09186a00806824ec.html http://www.osvdb.org/25453 http://www.securityfocus.com/archive/1/433270/100/0/threaded http://www.securityfocus.com/bid/17883 http://www.vsecurity.c •
CVSS: 7.5EPSS: 1%CPEs: 156EXPL: 0CVE-2005-4499
https://notcve.org/view.php?id=CVE-2005-4499
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. • http://secunia.com/advisories/18141 http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml http://www.osvdb.org/22193 http://www.securityfocus.com/archive/1/420020/100/0/threaded http://www.securityfocus.com/archive/1/420103/100/0/threaded http://www.securityfocus.com/bid/16025 •
CVSS: 5.4EPSS: 2%CPEs: 3EXPL: 0CVE-2005-3788
https://notcve.org/view.php?id=CVE-2005-3788
Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), and 7.0(4), when running with an Active/Standby configuration and when the failover LAN interface fails, allows remote attackers to cause a denial of service (standby firewall failure) by sending spoofed ARP responses from an IP address of an active firewall, which prevents the standby firewall from becoming active, aka "failover denial of service." Condición de carrera en Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), Y 7.0(4), cuando corre una configuración Activo/En Espera y cuando la interfaz LAN de reserva falla, permite a atacantes remotos causar una denegación de servicio (fallo de cortafuegos en espera) enviando respuestas ARP suplantadas de la dirección IP de un cortafuegos activo, lo que impide que el cortafuegos en espera se vuelva activo, tcc "denegación de servicio de reserva". • http://marc.info/?l=bugtraq&m=113199814008230&w=2 http://marc.info/?l=bugtraq&m=113201784415859&w=2 http://secunia.com/advisories/17550 http://securityreason.com/securityalert/178 http://securitytracker.com/id?1015205 http://www.securityfocus.com/bid/15407 https://exchange.xforce.ibmcloud.com/vulnerabilities/23160 •
CVSS: 5.0EPSS: 7%CPEs: 138EXPL: 0CVE-2005-3669
https://notcve.org/view.php?id=CVE-2005-3669
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html http://secunia.com/advisories/17553 http://securitytracker.com/id?1015198 http://securitytracker.com/id?1015199 http://securitytracker.com/id?1015200 http://securitytracker.com/id?1015201 http://securitytracker.com/id? •