CVSS: 7.5EPSS: 1%CPEs: 58EXPL: 0CVE-2010-4681
https://notcve.org/view.php?id=CVE-2010-4681
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to bypass SMTP inspection via vectors involving a prepended space character, aka Bug ID CSCte14901. Vulnerabilidad sin especificar en los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3). Permite a atacantes remotos evitar la inspección de SMTP a través de vectores que involucran un carácter de espacio añadido al inicio. También conocido como Bug ID CSCte14901. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45767 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64607 •
CVSS: 7.8EPSS: 2%CPEs: 60EXPL: 3CVE-2010-4670
https://notcve.org/view.php?id=CVE-2010-4670
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526. La implantación del protocolo "Neighbor Discovery" (ND) en la pila IPv6 de los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software 8.2(3) y versiones anteriores, y dispositivos Cisco PIX Security Appliances, permite a atacantes remotos provocar una denegación de servicio (consumo de la CPU y cuelgue del dispositivo) enviando múltiples mensajes de "Router Advertisement" (anuncio de ruta) con direcciones de fuente distintas, como se ha demostrado con el programa flood_router6 del paquete thc-ipv6. También conocido como Bug ID CSCti24526 • http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html http://mirror.fem-net.de/CCC/27C3/mp3-audio-only/27c3-3957-en-ipv6_insecurities.mp3 http://mirror.fem-net.de/CCC/27C3/mp4-h264-HQ/27c3-3957-en-ipv6_insecurities.mp4 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45760 http://www.securitytracker.com/id?1024963 http://www.youtube.com/watch?v=00yjWB6gGy8 https://exchange.xforce.ibmcloud.com/vu • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2010-4673
https://notcve.org/view.php?id=CVE-2010-4673
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via a flood of packets, aka Bug ID CSCtg06316. Dispositivos Cisco Adaptive Security Appliances (ASA) series 5500, con software v8.2(4) y anteriores permite a atacantes remotos causar una denegación de servicio a través de una inundación de paquetes, también conocido como ID de error CSCtg06316. • http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45766 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64599 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 58EXPL: 0CVE-2010-4678
https://notcve.org/view.php?id=CVE-2010-4678
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit packets to pass before the configuration has been loaded, which might allow remote attackers to bypass intended access restrictions by sending network traffic during device startup, aka Bug ID CSCsy86769. Dispositivos Cisco Adaptive Security Appliances (ASA) series 5500 con software anterior a v8.2(3) permite a los paquetes pasar antes de que la configuración se haya cargado, lo que podría permitir a atacantes remotos evitar las restricciones de acceso previstas, mediante el envío de tráfico por la red durante el inicio del dispositivo, también conocido como Bug ID CSCsy86769 • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45767 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64604 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2010-4679
https://notcve.org/view.php?id=CVE-2010-4679
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816. Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no manejan apropiadamente los fallos de conexión de OCSP ("Online Certificate Status Protocol"), lo que permite a los emisarios de respuestas OCSP provocar una denegación de servicio (consumo de todos los sockets TCP) rechazando intentos de conexión. También conocido como Bug ID CSCsz36816. • http://secunia.com/advisories/42931 http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf http://www.securityfocus.com/bid/45767 http://www.securitytracker.com/id?1024963 https://exchange.xforce.ibmcloud.com/vulnerabilities/64605 • CWE-20: Improper Input Validation •