Page 5 of 22 results (0.006 seconds)

CVSS: 6.8EPSS: 0%CPEs: 18EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make unspecified changes, aka Bug ID CSCuo46427. Vulnerabilidad de CSRF en el Framework web en Cisco Security Manager 4.6 y anteriores permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios para solicitudes que realizan cambios no especificados, también conocido como Bug ID CSCuo46427. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3267 http://tools.cisco.com/security/center/viewAlert.x?alertId=34325 http://www.securitytracker.com/id/1030271 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •