CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2007-2463
https://notcve.org/view.php?id=CVE-2007-2463
02 May 2007 — Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.1 anterior a 7.1(2)49 y 7.2 anterior a 7.2(2)17 permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de vectores descono... • http://secunia.com/advisories/25109 •
CVSS: 10.0EPSS: 3%CPEs: 4EXPL: 0CVE-2007-2462
https://notcve.org/view.php?id=CVE-2007-2462
02 May 2007 — Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validación LDAP y ganar privil... • http://secunia.com/advisories/25109 •
CVSS: 7.8EPSS: 7%CPEs: 8EXPL: 0CVE-2007-0961
https://notcve.org/view.php?id=CVE-2007-0961
16 Feb 2007 — Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets. Cisco PIX 500 y ASA 5500 Series Security Appliances 6.x versiones anteriores a 6.3(5.115), 7.0 versiones anteriores a 7.0(5.2), y 7.1 versiones anteriores a 7.1(2.5), y el FWSM 3.x versiones anteriores a 3.1(3.24), c... • http://osvdb.org/33054 •
CVSS: 7.8EPSS: 2%CPEs: 6EXPL: 0CVE-2007-0962
https://notcve.org/view.php?id=CVE-2007-0962
16 Feb 2007 — Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic. Cisco PIX 500 y ASA 5500 Series Security Appliances 7.x versiones anteriores a 7.0(4.14), 7.1 versiones anteriores a 7.1(2.1), y el FWSM 2.x versiones anteriores a 2.3(4.12) y 3.x versiones anteriores a 3.1(3.24), cuando "i... • http://osvdb.org/33055 •
CVSS: 7.5EPSS: 2%CPEs: 138EXPL: 0CVE-2006-3906
https://notcve.org/view.php?id=CVE-2006-3906
27 Jul 2006 — Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IO... • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html •
CVSS: 7.5EPSS: 4%CPEs: 66EXPL: 2CVE-2006-0515 – Cisco - WebSense Content Filtering Bypass
https://notcve.org/view.php?id=CVE-2006-0515
09 May 2006 — Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. • https://www.exploit-db.com/exploits/27830 •
CVSS: 9.8EPSS: 1%CPEs: 156EXPL: 0CVE-2005-4499
https://notcve.org/view.php?id=CVE-2005-4499
22 Dec 2005 — The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. • http://secunia.com/advisories/18141 •
CVSS: 7.5EPSS: 35%CPEs: 2EXPL: 2CVE-2005-3774 – Cisco PIX - Spoofed TCP SYN Packets Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-3774
23 Nov 2005 — Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. • https://www.exploit-db.com/exploits/1338 •
CVSS: 7.5EPSS: 9%CPEs: 138EXPL: 0CVE-2005-3669
https://notcve.org/view.php?id=CVE-2005-3669
18 Nov 2005 — Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html •