CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0653
https://notcve.org/view.php?id=CVE-2014-0653
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340. La funcionalidad Identity Firewall (IDFW) en Cisco Adaptative Security Appliance (ASA) permite a atacantes remotos disparar modificaciones de estado de autenticación a través de respuestas probe de logout NetBIOS manipuladas, tambien conocido como Bug ID CSCuj45340. • http://osvdb.org/101834 http://secunia.com/advisories/56366 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653 http://tools.cisco.com/security/center/viewAlert.x?alertId=32363 http://www.securityfocus.com/bid/64708 http://www.securitytracker.com/id/1029570 https://exchange.xforce.ibmcloud.com/vulnerabilities/90165 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0655
https://notcve.org/view.php?id=CVE-2014-0655
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332. La funcionalidad Identity Firewall (IDFW) en Cisco Adaptive Security Appliance (ASA) Software permite a atacantes remotos cambiar el contenido de la caché de usuario a través de un ataque de repetición que involucra mensajes manipulados RADIUS Change of Authorization (CoA), también conocido como Bug ID CSCuj45332. • http://osvdb.org/101838 http://secunia.com/advisories/56366 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655 http://tools.cisco.com/security/center/viewAlert.x?alertId=32362 http://www.securityfocus.com/bid/64700 http://www.securitytracker.com/id/1029575 https://exchange.xforce.ibmcloud.com/vulnerabilities/90164 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0CVE-2013-6707
https://notcve.org/view.php?id=CVE-2013-6707
Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol management outage) by making multiple management session requests, aka Bug ID CSCug33233. Fuga de memoria en la implementación del connection-manager en Cisco Adaptive Security Appliance (ASA) Software 9.1 (.3) y anteriores permite a atacantes remotos causar denegación de servicio (interrupción de la gestión multi-protocolo) realizando múltiples peticiones de gestión de sesión, también conocido como Bug ID CSCug33233. • http://osvdb.org/100682 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6707 http://tools.cisco.com/security/center/viewAlert.x?alertId=32065 http://www.securityfocus.com/bid/64148 http://www.securitytracker.com/id/1029441 https://exchange.xforce.ibmcloud.com/vulnerabilities/89442 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-6696
https://notcve.org/view.php?id=CVE-2013-6696
Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. Cisco Adaptive Security Appliance (ASA) Software no maneja adecuadamente errores durante el procesamiento de respuestas DNS, lo que permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de una respuesta malformada, también conocido como Bug ID CSCuj28861. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 114EXPL: 0CVE-2013-6682
https://notcve.org/view.php?id=CVE-2013-6682
The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299. La implementación phone-proxy en Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 y anteriores versiones no valida adecuadamente certificados X.509, lo que permite a atacantes remotos provocar una denegación de servicio (corrupción de connection-database) a través de una entrada inválida, también conocido como Bug ID CSCui33299. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6682 http://tools.cisco.com/security/center/viewAlert.x?alertId=31692 • CWE-20: Improper Input Validation •