CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2012-4660
https://notcve.org/view.php?id=CVE-2012-4660
29 Oct 2012 — The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17), 8.3 before 8.3(2.28), 8.4 before 8.4(2.13), 8.5 before 8.5(1.4), and 8.6 before 8.6(1.5) allows remote attackers to cause a denial of service (device reload) via a crafted SIP media-update packet, aka Bug ID CSCtr63728. El motor de inspección SIP en los dispositivos Cisco Adaptive Security Appliances (ASA) 55... • http://osvdb.org/86144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2012-4659
https://notcve.org/view.php?id=CVE-2012-4659
29 Oct 2012 — The AAA functionality in the IPv4 SSL VPN implementations on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.30) and 8.3 before 8.3(2.34) allows remote attackers to cause a denial of service (device reload) via a crafted authentication response, aka Bug ID CSCtz04566. La funcionalidad AAA en las implementaciones de IPv4 SSL VPN en los dispositivos Cisco Adaptive Security Appliances (ASA) 5... • http://osvdb.org/86137 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 69EXPL: 0CVE-2012-4643
https://notcve.org/view.php?id=CVE-2012-4643
29 Oct 2012 — The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reloa... • http://osvdb.org/86145 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2012-2472
https://notcve.org/view.php?id=CVE-2012-2472
06 Aug 2012 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 and 8.4, when SIP inspection is enabled, create many identical pre-allocated secondary pinholes, which might allow remote attackers to cause a denial of service (CPU consumption) via crafted SIP traffic, aka Bug ID CSCtz63143. Dispositivos Cisco Adaptive Security Appliances (ASA) 5500 con software 8.2 y 8.4, cuando la inspección SIP está activada, crea idénticas pre-asignados secundarios, que podrían permitir a atacantes remotos ... • http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 0CVE-2012-2474
https://notcve.org/view.php?id=CVE-2012-2474
06 Aug 2012 — Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank response page) by using the clientless WebVPN feature, aka Bug ID CSCth34278. Fuga de memoria en los dispositivos Cisco Adaptive Security Appliances (ASA) de la serie 5500 con software 8.2 a la 8.4, permite a usuarios autenticados remotamente provocar una denegación de servicio (consumo de memoria y página de re... • http://www.cisco.com/web/software/280775065/45357/ASA-825-Interim-Release-Notes.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2012-0378
https://notcve.org/view.php?id=CVE-2012-0378
03 May 2012 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service (connection limit exceeded) by triggering a large number of stale connections that result in an incorrect value for an MPF connection count, aka Bug ID CSCtv19854. Dispositivos Cisco Adaptive Security Appliances (ASA) 5500 con software 8.0 hasta 8.4 permite a atacantes remotos provocar una denegación de servicio (exceso del límite de conexiones) realizando un gran nú... • http://www.cisco.com/web/software/280775065/89203/ASA-843-Interim-Release-Notes.html • CWE-189: Numeric Errors •
CVSS: 6.1EPSS: 0%CPEs: 33EXPL: 0CVE-2011-3285
https://notcve.org/view.php?id=CVE-2011-3285
02 May 2012 — CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101. Vulnerabilidad de ejecución CRLF en /+CSCOE+/logon.html en Cisco Adaptive Security Appliances (ASA) 5500 con software v8.0 a v8.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques... • http://www.cisco.com/web/software/280775065/37740/ASA-805-Interim-Release-Notes.html • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 0CVE-2012-0335
https://notcve.org/view.php?id=CVE-2012-0335
02 May 2012 — Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746. Los dispositivos Cisco Adaptive Security Appliances (ASA) de la serie 5500 con el software v7.2 hasta v8.4 no realiza correctamente la autenticación del proxy a través de un firewall, lo que permite a atacantes remotos obt... • http://secunia.com/advisories/49139 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 2%CPEs: 42EXPL: 0CVE-2012-0353
https://notcve.org/view.php?id=CVE-2012-0353
15 Mar 2012 — The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441. El motor de ... • http://osvdb.org/80043 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 46EXPL: 0CVE-2012-0354
https://notcve.org/view.php?id=CVE-2012-0354
15 Mar 2012 — The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1) allows remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger a shun event, aka Bug ID CSCtw35765. La función de detección de amenazas de dispositivos de la... • http://osvdb.org/80044 • CWE-20: Improper Input Validation •