CVE-2007-5571
https://notcve.org/view.php?id=CVE-2007-5571
Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, does not properly enforce edited ACLs, which might allow remote attackers to bypass intended restrictions on network traffic, aka CSCsj52536. Cisco Firewall Services Module (FWSM) 3.1(6), y 3.2(2) y anteriores, no aplica correctamente la edición de ACLs, lo cual podría permitir a atacantes remotos evitar restricciones intencionadas sobre el tráfico de red, también conocido como CSCsj52536. • http://secunia.com/advisories/27236 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml http://www.securityfocus.com/bid/26109 http://www.securitytracker.com/id?1018825 http://www.vupen.com/english/advisories/2007/3530 https://exchange.xforce.ibmcloud.com/vulnerabilities/37258 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-5570
https://notcve.org/view.php?id=CVE-2007-5570
Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cause a denial of service (device reload) via a crafted HTTPS request, aka CSCsi77844. Cisco Firewall Services Module (FWSM) 3.2(1), y 3.1(5) y anteriores, permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de una respuesta HTTPS manipulada, también conocido como CSCsi77844. • http://secunia.com/advisories/27236 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml http://www.securityfocus.com/bid/26109 http://www.securitytracker.com/id?1018825 http://www.vupen.com/english/advisories/2007/3530 https://exchange.xforce.ibmcloud.com/vulnerabilities/37251 • CWE-20: Improper Input Validation •
CVE-2007-5568
https://notcve.org/view.php?id=CVE-2007-5568
Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM). Cisco PIX y ASA appliances con software 7.0 hasta 8.0, y Cisco Firewall Services Module (FWSM) 3.1(5) y anteriores, permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de un paquete manipulado MGCP, también conocido como CSCsi90468 (appliance) y CSCsi00694 (FWSM). • http://secunia.com/advisories/27193 http://secunia.com/advisories/27236 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml http://www.securityfocus.com/bid/26104 http://www.securityfocus.com/bid/26109 http://www.securitytracker.com/id?1018825 http://www.securitytracker.com/id?1018826 http://www.securitytracker.com/id?1018827 http://www.vupen.com/english/advisories/2007/3530 h • CWE-20: Improper Input Validation •
CVE-2007-0965
https://notcve.org/view.php?id=CVE-2007-0965
Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request. Cisco FWSM 3.x versiones anteriores a 3.1(3.2), cuando la autenticación esta configurada para usar "aaa authentication match" ó "aaa authentication include", permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) mediante una petición HTTP larga. • http://secunia.com/advisories/24172 http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml http://www.securityfocus.com/bid/22561 http://www.vupen.com/english/advisories/2007/0609 •
CVE-2007-0968
https://notcve.org/view.php?id=CVE-2007-0968
Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections. Vulnerabilidad no especificada en Cisco Firewall Services Module (FWSM) versiones anteriores a 2.3(4.7) y 3.x versiones anteriores a 3.1(3.1) provoca que las entradas de control de acceso (ACE) en un ACL ser evaluadas inapropiadamente, lo cual permite a usuarios remotos autenticados evitar protecciones ACL concretas intencionadas. • http://secunia.com/advisories/24172 http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml http://www.securityfocus.com/bid/22561 http://www.securitytracker.com/id?1017650 http://www.vupen.com/english/advisories/2007/0609 https://exchange.xforce.ibmcloud.com/vulnerabilities/32521 •