CVE-2016-6367 – Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-6367
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and FWSM devices allows local users to gain privileges via invalid CLI commands, aka Bug ID CSCtu74257 or EPICBANANA. Cisco Adaptive Security Applicance (ASA) Software en versiones anteriores a 8.4(1) en dispositivos ASA 5500, ASA 5500-X, PIX y FWSM permite a usuarios locales obtener privilegios a través de comandos CLI no válidos, también conocido como Bug ID CSCtu74257 o EPICBANANA. A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code. • https://www.exploit-db.com/exploits/40271 http://blogs.cisco.com/security/shadow-brokers http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516 http://www.securityfocus.com/bid/92520 http://www.securitytracker.com/id/1036636 https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40271.zip • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2016-6366 – Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2016-6366
Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. Desbordamiento de búfer en Cisco Adaptive Security Applicance (ASA) Software hasta la versión 9.4.2.3 en dispositivos ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX y FWSM permite a usuarios remotos autenticados ejecutar código arbitrario a través de paquetes IPv4 SNMP manipulados, también conocido como Bug ID CSCva92151 o EXTRABACON. A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code. • https://www.exploit-db.com/exploits/40258 https://github.com/RiskSense-Ops/CVE-2016-6366 http://blogs.cisco.com/security/shadow-brokers http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-56516 http://www.securityfocus.com/bid/92521 http://www.securitytracker.com/id/1036637 https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/40258.zip https://zerosum0x0 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2010-1579
https://notcve.org/view.php?id=CVE-2010-1579
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922. Vulnerabilidad no especificada en la característica de inspección SunRPC en dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.19), v8.1 anteriores a v8.1(2.47), y v8.2 anteriores a v8.2(2) y Cisco PIX Security Appliances 500, permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) mediante un mensajes SunRPC UDP manipulados, también conocido como Bug ID CSCtc79922. • http://secunia.com/advisories/40842 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml •
CVE-2006-4312
https://notcve.org/view.php?id=CVE-2006-4312
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access. Cisco PIX 500 Series Security Appliances y ASA 5500 Series Adaptive Security Appliances, cuando ejecutan 7.0(x) hasta 7.0(5) y 7.1(x) hasta 7.1(2.4), y el Firewall Services Module (FWSM) 3.1(x) hasta 3.1(1.6), provoca que la contraseña EXEC, las contraseñas de usuario local, y la contraseña de activación se cambien a un "valor no aleatorio" bajo determinadas circunstancias, lo que provoca un bloqueo a los administradores y podría permitir a los atacantes obtener acceso. • http://secunia.com/advisories/21616 http://securitytracker.com/id?1016738 http://securitytracker.com/id?1016739 http://securitytracker.com/id?1016740 http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml http://www.osvdb.org/28143 http://www.securityfocus.com/bid/19681 http://www.vupen.com/english/advisories/2006/3367 https://exchange.xforce.ibmcloud.com/vulnerabilities/28540 •
CVE-2006-4194
https://notcve.org/view.php?id=CVE-2006-4194
Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue ** IMPUGNADA ** Vulnerabilidad no especificada en Cisco PIX 500 Series Security Appliances permite a atacantes remotos enviar paquetes UDP de su elección a dispositivos de la intranet mediante vectores no especificados relacionados con comandos de establecimiento del Protocolo de Iniciación de Sesión (Session Initiation Protocol o SIP), un problema distinto de CVE-2006-4032. NOTA: el fabricante, tras trabajar con el investigador, ha sido incapaz de reproducir el problema. • http://searchsecurity.techtarget.com/originalContent/0%2C289142%2Csid14_gci1207450%2C00.html http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/tsd_products_security_response09186a008070d33b.html http://www.idoel.smilejogja.com/2006/08/14/blinded-by-the-glare-of-facial-piercings-at-black-hat-or-the-one-that-got-away http://www.networkworld.com/news/2006/080406-black-hat-unpatched-flaw-revealed.html?t5 http://www.osvdb.org/29781 http://www.securityfocus.com/bid/19536 •