Page 71 of 359 results (0.009 seconds)

CVSS: 10.0EPSS: 18%CPEs: 4EXPL: 0

CVE-2007-2462

https://notcve.org/view.php?id=CVE-2007-2462

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validación LDAP y ganar privilegios a través de vectores desconocidos. • http://secunia.com/advisories/25109 http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml http://www.kb.cert.org/vuls/id/210876 http://www.osvdb.org/35331 http://www.securityfocus.com/bid/23768 http://www.securitytracker.com/id?1017994 http://www.securitytracker.com/id?1017995 http://www.vupen.com/english/advisories/2007/1636 https://exchange.xforce.ibmcloud.com/vulnerabilities/34020 •

CVSS: 7.8EPSS: 4%CPEs: 2EXPL: 0

CVE-2007-2461

https://notcve.org/view.php?id=CVE-2007-2461

The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used. El agente transmisor DHCP en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 permite a atacantes remotos provocar una denegación de servicio (abandono de paquetes) mediante un mensaje DHCPREQUEST o DHCPINFORM que provoca que múltiples mensajes DHCPACK sean enviados desde servidores DHCP al agente, lo cual consume la memoria reservada para un búfer local. NOTA: esta situación sólo se da cuando se usan múltiples servidores DHCP. • http://secunia.com/advisories/25109 http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html http://www.kb.cert.org/vuls/id/530057 http://www.osvdb.org/35330 http://www.securityfocus.com/bid/23763 http://www.securitytracker.com/id?1017999 http://www.securitytracker.com/id?1018000 http://www.vupen.com/english/advisories/2007/1635 https://exchange.xforce.ibmcloud.com/vulnerabilities/34026 •

CVSS: 6.4EPSS: 1%CPEs: 2EXPL: 0

CVE-2007-0397

https://notcve.org/view.php?id=CVE-2007-0397

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information. El Cisco Security Monitoring, Analysis y Response System (CS-MARS) anterior 4.2.3 y Adaptive Security Device Manager (ASDM) anterior 5.2(2.54) no valida los certificados SSL/TLS o llaves públicas SSH cuando se conectan dispositivos, lo cual permite a atacantes remotos suplantar a estos dispositivos obteniendo información sensible o generando información incorrecta. • http://osvdb.org/32720 http://secunia.com/advisories/23836 http://securitytracker.com/id?1017535 http://securitytracker.com/id?1017536 http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml http://www.securityfocus.com/bid/22111 http://www.vupen.com/english/advisories/2007/0245 https://exchange.xforce.ibmcloud.com/vulnerabilities/31567 •

CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2006-4312

https://notcve.org/view.php?id=CVE-2006-4312

Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access. Cisco PIX 500 Series Security Appliances y ASA 5500 Series Adaptive Security Appliances, cuando ejecutan 7.0(x) hasta 7.0(5) y 7.1(x) hasta 7.1(2.4), y el Firewall Services Module (FWSM) 3.1(x) hasta 3.1(1.6), provoca que la contraseña EXEC, las contraseñas de usuario local, y la contraseña de activación se cambien a un "valor no aleatorio" bajo determinadas circunstancias, lo que provoca un bloqueo a los administradores y podría permitir a los atacantes obtener acceso. • http://secunia.com/advisories/21616 http://securitytracker.com/id?1016738 http://securitytracker.com/id?1016739 http://securitytracker.com/id?1016740 http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml http://www.osvdb.org/28143 http://www.securityfocus.com/bid/19681 http://www.vupen.com/english/advisories/2006/3367 https://exchange.xforce.ibmcloud.com/vulnerabilities/28540 •

CVSS: 5.0EPSS: 5%CPEs: 138EXPL: 0

CVE-2006-3906

https://notcve.org/view.php?id=CVE-2006-3906

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IOS, VPN 3000 Concentrators, y PIX firewalls, permite a atacantes remotos provocar denegación de servicio (agotamiento de recursos) a través de un flood de paquetes IKE Phase-1 que exceden el ratio de expiración de la sesión. NOTA: se ha indicado que esto es debido a un diseño debil del protocolo IKe version 1, en cuyo caso otros vendedores e implementaciones podrían verse afectados. • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html http://securityreason.com/securityalert/1293 http://securitytracker.com/id?1016582 http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html http://www.osvdb.org/29068 http://www.securityfocus.com/archive/1/441203/100/0/threaded http://www.securityfocus.com/bid/19176 https://exchange.xforce.ibmcloud.com/vulnerabilities& •