Page 7 of 77 results (0.009 seconds)

CVSS: 8.7EPSS: 0%CPEs: 109EXPL: 0

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in handling crafted DNS response messages. An attacker could exploit this vulnerability by triggering a DNS request from the Cisco ASA Software and replying with a crafted response. A successful exploit could cause the device to reload, resulting in a denial of service (DoS) condition or corruption of the local DNS cache information. Note: Only traffic directed to the affected device can be used to exploit this vulnerability. • http://www.securityfocus.com/bid/97933 http://www.securitytracker.com/id/1038319 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-dns • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 253EXPL: 0

A vulnerability in the TCP normalizer of Cisco Adaptive Security Appliance (ASA) Software (8.0 through 8.7 and 9.0 through 9.6) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause Cisco ASA and FTD to drop any further incoming traffic on all interfaces, resulting in a denial of service (DoS) condition. The vulnerability is due to improper limitation of the global out-of-order TCP queue for specific block sizes. An attacker could exploit this vulnerability by sending a large number of unique permitted TCP connections with out-of-order segments. An exploit could allow the attacker to exhaust available blocks in the global out-of-order TCP queue, causing the dropping of any further incoming traffic on all interfaces and resulting in a DoS condition. Cisco Bug IDs: CSCvb46321. • http://www.securityfocus.com/bid/97923 http://www.securitytracker.com/id/1038329 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-norm • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.7EPSS: 0%CPEs: 106EXPL: 0

A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of malformed IPsec packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. • http://www.securityfocus.com/bid/97936 http://www.securitytracker.com/id/1038316 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-ipsec • CWE-399: Resource Management Errors •

CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 0

A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic. More Information: CSCvc68229. Known Affected Releases: 9.6(2). Known Fixed Releases: 99.1(20.1) 99.1(10.2) 98.1(12.7) 98.1(1.49) 97.1(6.58) 97.1(0.134) 96.2(0.109) 9.7(1.1) 9.6(2.99) 9.6(2.8). Una vulnerabilidad en la implementación de BFD (Border Forwarding Detection) del software Cisco Adaptive Security Appliance (ASA) de Border Gateway Protocol (BGP) podría permitir a un atacante remoto no autenticado omitir la lista de control de acceso (ACL) para tráfico TCP y UDP específico. • http://www.securityfocus.com/bid/96926 http://www.securitytracker.com/id/1038051 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa • CWE-287: Improper Authentication •

CVSS: 8.8EPSS: 2%CPEs: 324EXPL: 1

A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software, Major Releases 9.0-9.6, could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. • https://www.exploit-db.com/exploits/41369 http://www.securityfocus.com/bid/96161 http://www.securitytracker.com/id/1037797 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-asa • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •