CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. • http://www.securityfocus.com/bid/100005 http://www.securitytracker.com/id/1039005 http://www.securitytracker.com/id/1039006 http://www.securitytracker.com/id/1039007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf • CWE-20: Improper Input Validation •
CVE-2012-5415
https://notcve.org/view.php?id=CVE-2012-5415
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272. Condición de carrera en dispositivos Cisco Adaptive Security Appliances (ASA) permite a atacantes remotos causar una denegación de servicio (consumo CPU o reinicio del dispositivo) mediante el establecimiento de múltiples conexiones, dando lugar a una incorrecta gestion de las búsquedas para flujos secundarios, también conocido como Bug IDs CSCue31622 and CSCuc71272. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2013-1149
https://notcve.org/view.php?id=CVE-2013-1149
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. Cisco Adaptive Security Appliances (ASA) los dispositivos con v7.x de software antes de v7.2(5.10) v8.0, antes de v8.0(5.28), v8.1 y v8.2 antes de v8.2(5.35), v8.3 antes de v8.3(2.34), v8.4 antes de v8.4(4.11), v8.6 antes de v8.6(1.10), y v8.7 antes de v8.7(1.3), y Cisco Firewall Services Module (FWSM) software v3.1 y v3.2 antes de v3.2(24.1) y v4.0 y v401 antes de v4.1(11.1), permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un elaborado IKEv1 mensaje, también conocido como Bug ID CSCub85692 y CSCud20267. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm •
CVE-2012-4643
https://notcve.org/view.php?id=CVE-2012-4643
The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8.5(1.9), and 8.6 before 8.6(1.5) does not properly allocate memory for DHCP packets, which allows remote attackers to cause a denial of service (device reload) via a series of crafted IPv4 packets, aka Bug ID CSCtw84068. El servidor DHCP en dispositivos Cisco de las series Adaptive Security Appliances (ASA) 5500, y ASA Services Module (ASASM) en dispositivos Cisco de la serie Catalyst 6500, con software v7.0 anterior a v7.2(5.8), v7.1 anterior a v7.2(5.8), v7.2 anterior a v7.2(5.8), v8.0 anterior a v8.0(5.28), v8.1 anterior a v8.1(2.56), v8.2 anterior a v8.2(5.27), v8.3 anterior a v8.3(2.31), v8.4 anterior a v8.4(3.10), v8.5 anterior a v8.5(1.9), y v8.6 anterior a v8.6(1.5) no posiciona en memoria de forma adecuada los paquetes DHCP, lo que permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de una serie de paquetes IPv4 manipulados, también conocido como Bus ID CSCtw84068. • http://osvdb.org/86145 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa http://www.securityfocus.com/bid/55861 • CWE-399: Resource Management Errors •
CVE-2012-0335
https://notcve.org/view.php?id=CVE-2012-0335
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746. Los dispositivos Cisco Adaptive Security Appliances (ASA) de la serie 5500 con el software v7.2 hasta v8.4 no realiza correctamente la autenticación del proxy a través de un firewall, lo que permite a atacantes remotos obtener información sensible a través de un intento de conexión, también conocido como Bug ID CSCtx42746. • http://secunia.com/advisories/49139 http://www.cisco.com/web/software/280775065/89203/ASA-843-Interim-Release-Notes.html http://www.securityfocus.com/bid/53558 http://www.securitytracker.com/id?1027008 • CWE-287: Improper Authentication •