13 results (0.034 seconds)

CVSS: 5.8EPSS: 0%CPEs: 566EXPL: 0

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. La implementación OSFPF en Cisco IOS v12.0 hasta la v 12.4 y v15.0 hasta v15.3, IOS-XE v2.x hasta la v3.9.xS, ASA y PIX 7.x hasta la v9.1, FWSM, NX-OS, y StarOS anterior a v14.0.50488 no valida correctamente los paquetes Link State Advertisement (LSA) tipo 1 antes de realizar operaciones en la base de datos LSA, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción del enrutamiento) u obtener información sensible a través de un paquete (1) unicast o (2) un paquete de multidifusión, también conocido como Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, y CSCug39795. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf http://www.kb.cert.org/vuls/id/229804 •

CVSS: 7.8EPSS: 2%CPEs: 95EXPL: 0

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v7.0 anterior a v7.0(8.11), v7.1 y v7.2 anterior a v7.2(5.1), v8.0 anterior a v8.0 (5.19), v8.1 anterior a v8.1 (2.47), v8.2 anterior a v8.2 (2.19), y v8.3 anterior a v8.3 (1.8); dispositivos Cisco PIX Security Appliances Serie 500; y Cisco Firewall Services Module (también conocido como FWSM) v3.1 anterior a v3.1 (20), v3.2 anterior a v3.2 (20), v4.0 anterior a v4.0 (15), y v4.1 anterior a v4.1(5) permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un mensaje Skinny Client Control Protocol (SCCP) manipulado, también conocido como error ID CSCtg69457 y CSCtl84952. • http://secunia.com/advisories/43453 http://secunia.com/advisories/43488 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml http://www.securityfocus.com/bid/46518 http://www.securitytracker.com/id?1025108 http://www.securitytracker.com/id?1025109 http://www.vupen.com/english/advisories/2011/0493 http://www.vupen.com/english/advisories/2011/0494 https://exchange.xforce.ibmcloud • CWE-399: Resource Management Errors •

CVSS: 7.1EPSS: 1%CPEs: 6EXPL: 0

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet. Hay una vulnerabilidad no especificada en PIX 500 Series Security Appliance y 5500 Series Adaptive Security Appliance (ASA) de Cisco anterior a las versiones 7.2 (3) 6 y 8.0 (3), cuando la función de decremento de Time-to-Live (TTL) está habilitada, permite que los atacantes remotos causen una denegación de servicio (recarga del dispositivo) por medio de un paquete IP creado. • http://secunia.com/advisories/28625 http://www.cisco.com/warp/public/707/cisco-sa-20080123-asa.shtml http://www.securityfocus.com/bid/27418 http://www.securitytracker.com/id?1019262 http://www.securitytracker.com/id?1019263 http://www.vupen.com/english/advisories/2008/0259 https://exchange.xforce.ibmcloud.com/vulnerabilities/39862 •

CVSS: 5.0EPSS: 5%CPEs: 138EXPL: 0

Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IOS, VPN 3000 Concentrators, y PIX firewalls, permite a atacantes remotos provocar denegación de servicio (agotamiento de recursos) a través de un flood de paquetes IKE Phase-1 que exceden el ratio de expiración de la sesión. NOTA: se ha indicado que esto es debido a un diseño debil del protocolo IKe version 1, en cuyo caso otros vendedores e implementaciones podrían verse afectados. • http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html http://securityreason.com/securityalert/1293 http://securitytracker.com/id?1016582 http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html http://www.osvdb.org/29068 http://www.securityfocus.com/archive/1/441203/100/0/threaded http://www.securityfocus.com/bid/19176 https://exchange.xforce.ibmcloud.com/vulnerabilities& •

CVSS: 7.5EPSS: 33%CPEs: 66EXPL: 2

Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. • https://www.exploit-db.com/exploits/27830 http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045899.html http://secunia.com/advisories/20044 http://securitytracker.com/id?1016039 http://securitytracker.com/id?1016040 http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/tsd_products_security_response09186a00806824ec.html http://www.osvdb.org/25453 http://www.securityfocus.com/archive/1/433270/100/0/threaded http://www.securityfocus.com/bid/17883 http://www.vsecurity.c •