CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2007-5569
https://notcve.org/view.php?id=CVE-2007-5569
18 Oct 2007 — Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. Cisco PIX y ASA appliances con software 7.1 y 7.2, cuando se configura para sesiones TLS en el dispositivo, permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de paquetes TLS manipulados, también conocido como CSCsg43276 y CSCsh97120. • http://secunia.com/advisories/27193 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2007-4786
https://notcve.org/view.php?id=CVE-2007-4786
10 Sep 2007 — Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information. Cisco Adaptive Security Appliance (ASA) funcionando en PIX 7.0 anterior a 7.0.7.1, 7.1 anteri... • http://osvdb.org/37499 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 0CVE-2007-2461
https://notcve.org/view.php?id=CVE-2007-2461
02 May 2007 — The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used. El agente transmisor DHCP en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 permite a atacantes remotos provocar una de... • http://secunia.com/advisories/25109 •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2007-2462
https://notcve.org/view.php?id=CVE-2007-2462
02 May 2007 — Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validación LDAP y ganar privil... • http://secunia.com/advisories/25109 •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2007-2463
https://notcve.org/view.php?id=CVE-2007-2463
02 May 2007 — Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.1 anterior a 7.1(2)49 y 7.2 anterior a 7.2(2)17 permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de vectores descono... • http://secunia.com/advisories/25109 •
CVSS: 7.1EPSS: 2%CPEs: 4EXPL: 0CVE-2007-2464
https://notcve.org/view.php?id=CVE-2007-2464
02 May 2007 — Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." Condición de carrera en el Cisco Adaptive Security Appliance (ASA) y en el PIX 7.1 anterior al 7.1(2)49 y el 7.2 anterior al 7.2(2)19, cuando se utiliza "VPNs SSL sin cliente", permite a atacantes remotos provocar una denegación de servicio (recargar el dispositivo... • http://secunia.com/advisories/25109 •
CVSS: 7.5EPSS: 2%CPEs: 138EXPL: 0CVE-2006-3906
https://notcve.org/view.php?id=CVE-2006-3906
27 Jul 2006 — Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IO... • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html •
CVSS: 7.5EPSS: 4%CPEs: 66EXPL: 2CVE-2006-0515 – Cisco - WebSense Content Filtering Bypass
https://notcve.org/view.php?id=CVE-2006-0515
09 May 2006 — Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. • https://www.exploit-db.com/exploits/27830 •
CVSS: 9.8EPSS: 1%CPEs: 156EXPL: 0CVE-2005-4499
https://notcve.org/view.php?id=CVE-2005-4499
22 Dec 2005 — The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. • http://secunia.com/advisories/18141 •
CVSS: 5.9EPSS: 1%CPEs: 3EXPL: 0CVE-2005-3788
https://notcve.org/view.php?id=CVE-2005-3788
24 Nov 2005 — Race condition in Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), and 7.0(4), when running with an Active/Standby configuration and when the failover LAN interface fails, allows remote attackers to cause a denial of service (standby firewall failure) by sending spoofed ARP responses from an IP address of an active firewall, which prevents the standby firewall from becoming active, aka "failover denial of service." Condición de carrera en Cisco Adaptive Security Appliance (ASA) 7.0(0), 7.0(2), Y 7.0(... • http://marc.info/?l=bugtraq&m=113199814008230&w=2 •