CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2008-0028
https://notcve.org/view.php?id=CVE-2008-0028
23 Jan 2008 — Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet. Hay una vulnerabilidad no especificada en PIX 500 Series Security Appliance y 5500 Series Adaptive Security Appliance (ASA) de Cisco anterior a las versiones 7.2 (3) 6 y 8.0 (3), cuando la función de decremento de ... • http://secunia.com/advisories/28625 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2007-5569
https://notcve.org/view.php?id=CVE-2007-5569
18 Oct 2007 — Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. Cisco PIX y ASA appliances con software 7.1 y 7.2, cuando se configura para sesiones TLS en el dispositivo, permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de paquetes TLS manipulados, también conocido como CSCsg43276 y CSCsh97120. • http://secunia.com/advisories/27193 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 6%CPEs: 2EXPL: 0CVE-2007-2461
https://notcve.org/view.php?id=CVE-2007-2461
02 May 2007 — The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used. El agente transmisor DHCP en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 permite a atacantes remotos provocar una de... • http://secunia.com/advisories/25109 •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2007-2462
https://notcve.org/view.php?id=CVE-2007-2462
02 May 2007 — Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validación LDAP y ganar privil... • http://secunia.com/advisories/25109 •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2007-2463
https://notcve.org/view.php?id=CVE-2007-2463
02 May 2007 — Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.1 anterior a 7.1(2)49 y 7.2 anterior a 7.2(2)17 permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de vectores descono... • http://secunia.com/advisories/25109 •
CVSS: 7.1EPSS: 2%CPEs: 4EXPL: 0CVE-2007-2464
https://notcve.org/view.php?id=CVE-2007-2464
02 May 2007 — Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." Condición de carrera en el Cisco Adaptive Security Appliance (ASA) y en el PIX 7.1 anterior al 7.1(2)49 y el 7.2 anterior al 7.2(2)19, cuando se utiliza "VPNs SSL sin cliente", permite a atacantes remotos provocar una denegación de servicio (recargar el dispositivo... • http://secunia.com/advisories/25109 •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2006-4312
https://notcve.org/view.php?id=CVE-2006-4312
23 Aug 2006 — Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access. Cisco PIX 500 Series Security Appliances y ASA 5500 Series Adaptive Security... • http://secunia.com/advisories/21616 •
CVSS: 7.5EPSS: 2%CPEs: 138EXPL: 0CVE-2006-3906
https://notcve.org/view.php?id=CVE-2006-3906
27 Jul 2006 — Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IO... • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html •
CVSS: 7.5EPSS: 4%CPEs: 66EXPL: 2CVE-2006-0515 – Cisco - WebSense Content Filtering Bypass
https://notcve.org/view.php?id=CVE-2006-0515
09 May 2006 — Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. • https://www.exploit-db.com/exploits/27830 •
CVSS: 9.8EPSS: 1%CPEs: 156EXPL: 0CVE-2005-4499
https://notcve.org/view.php?id=CVE-2005-4499
22 Dec 2005 — The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. • http://secunia.com/advisories/18141 •