CVSS: 8.8EPSS: 92%CPEs: 52EXPL: 6CVE-2016-6366 – Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2016-6366
18 Aug 2016 — Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. Desbordamiento de búfer en Cisco Adaptive Security Applicance (ASA) Software hasta la versión 9.4.2.3 en dispositivos ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, F... • https://packetstorm.news/files/id/180758 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 38%CPEs: 31EXPL: 3CVE-2016-6367 – Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-6367
18 Aug 2016 — Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA. Cisco Adaptive Security Applicance (ASA) Software en versiones anteriores a 8.4(1) en dispositivos ASA 5500, ASA 5500-X, PIX y FWSM permite a usuarios locales obtener privilegios a través de comandos CLI no válidos, también conocido como Bug ID CSCtu74257 o EPICBANANA. A vulnerability in the command-... • https://www.exploit-db.com/exploits/40271 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-1312
https://notcve.org/view.php?id=CVE-2016-1312
09 Mar 2016 — The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147. El motor de inspección HTTPS en Content Security y Control Security Services Module (CSC-SSM) 6.6 en versiones anteriores a 6.6.1164.0 para dispositivos Cisco ASA 5500 permite a atacantes remotos provocar una denegación ... • http://www.securityfocus.com/bid/84281 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •