CVSS: 7.8EPSS: 2%CPEs: 10EXPL: 0CVE-2009-1157
https://notcve.org/view.php?id=CVE-2009-1157
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet. Fuga de memoria en Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances v7.0 anteriores a v7.0(8)6, v7.1 anteriores a v7.1(2)82, v7.2 anteriores a v7.2(4)30, v8.0 anteriores a v8.0(4)28, y v8.1 anteriores a v8.1(2)19 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y recarga del dispositivo) a través de una paquete TCP manipulado. • http://osvdb.org/53445 http://secunia.com/advisories/34607 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml http://www.securityfocus.com/bid/34429 http://www.securitytracker.com/id?1022015 http://www.vupen.com/english/advisories/2009/0981 •
CVSS: 7.8EPSS: 2%CPEs: 10EXPL: 0CVE-2009-1158
https://notcve.org/view.php?id=CVE-2009-1158
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. Vulnerabilidad no específica en Cisco Adaptive Security Appliances (ASA) 5500 Series dispositivos v7.0 anteriores a v7.0(8)6, v7.1 anteriores a v7.1(2)82, v7.2 anteriores a v7.2(4)26, v8.0 anteriores a v8.0(4)24, y v8.1 anteriores a v8.1(2)14, cuando la inspección H.323 está habilitado, permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un paquete h.323 manipulado. • http://osvdb.org/53444 http://secunia.com/advisories/34607 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml http://www.securityfocus.com/bid/34429 http://www.securitytracker.com/id?1022015 http://www.vupen.com/english/advisories/2009/0981 •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2009-1160
https://notcve.org/view.php?id=CVE-2009-1160
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances v7.0 anteriores a v7.0(8)1, v7.1 anteriores a v7.1(2)74, v7.2 anteriores a v7.2(4)9, and v8.0 anteriores a v8.0(4)5 no implementan de forma adecuada la denegación implícita, lo que podría permitir a atacantes remotos enviar paquetes que sobrepasen las restricciones de acceso impuestas, también conocido como Bug ID CSCsq91277. • http://secunia.com/advisories/34607 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml http://www.securityfocus.com/bid/34429 http://www.securitytracker.com/id?1022017 http://www.vupen.com/english/advisories/2009/0981 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2008-3815
https://notcve.org/view.php?id=CVE-2008-3815
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances 7.0 versiones anteriores a 7.0(8)3, 7.1 versiones anteriores a 7.1(2)78, 7.2 versiones anteriores a 7.2(4)16, 8.0 versiones anteriores a 8.0(4)6, y 8.1 versiones anteriores a 8.1(1)13, cuando está configurado como una VPN utilizando la autenticación del dominio de Microsoft Windows NT, permite a atacantes remotos evitar la autenticación VPN a través de vectores desconocidos. • http://secunia.com/advisories/32360 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml http://www.securityfocus.com/bid/31864 http://www.securitytracker.com/id?1021089 http://www.securitytracker.com/id?1021090 http://www.vupen.com/english/advisories/2008/2899 https://exchange.xforce.ibmcloud.com/vulnerabilities/46024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983 • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 18%CPEs: 4EXPL: 0CVE-2007-2462
https://notcve.org/view.php?id=CVE-2007-2462
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validación LDAP y ganar privilegios a través de vectores desconocidos. • http://secunia.com/advisories/25109 http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml http://www.kb.cert.org/vuls/id/210876 http://www.osvdb.org/35331 http://www.securityfocus.com/bid/23768 http://www.securitytracker.com/id?1017994 http://www.securitytracker.com/id?1017995 http://www.vupen.com/english/advisories/2007/1636 https://exchange.xforce.ibmcloud.com/vulnerabilities/34020 •