CVE-2013-0149
https://notcve.org/view.php?id=CVE-2013-0149
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. La implementación OSFPF en Cisco IOS v12.0 hasta la v 12.4 y v15.0 hasta v15.3, IOS-XE v2.x hasta la v3.9.xS, ASA y PIX 7.x hasta la v9.1, FWSM, NX-OS, y StarOS anterior a v14.0.50488 no valida correctamente los paquetes Link State Advertisement (LSA) tipo 1 antes de realizar operaciones en la base de datos LSA, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción del enrutamiento) u obtener información sensible a través de un paquete (1) unicast o (2) un paquete de multidifusión, también conocido como Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, y CSCug39795. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf http://www.kb.cert.org/vuls/id/229804 •
CVE-2011-0394
https://notcve.org/view.php?id=CVE-2011-0394
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v7.0 anterior a v7.0(8.11), v7.1 y v7.2 anterior a v7.2(5.1), v8.0 anterior a v8.0 (5.19), v8.1 anterior a v8.1 (2.47), v8.2 anterior a v8.2 (2.19), y v8.3 anterior a v8.3 (1.8); dispositivos Cisco PIX Security Appliances Serie 500; y Cisco Firewall Services Module (también conocido como FWSM) v3.1 anterior a v3.1 (20), v3.2 anterior a v3.2 (20), v4.0 anterior a v4.0 (15), y v4.1 anterior a v4.1(5) permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de un mensaje Skinny Client Control Protocol (SCCP) manipulado, también conocido como error ID CSCtg69457 y CSCtl84952. • http://secunia.com/advisories/43453 http://secunia.com/advisories/43488 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml http://www.securityfocus.com/bid/46518 http://www.securitytracker.com/id?1025108 http://www.securitytracker.com/id?1025109 http://www.vupen.com/english/advisories/2011/0493 http://www.vupen.com/english/advisories/2011/0494 https://exchange.xforce.ibmcloud • CWE-399: Resource Management Errors •
CVE-2010-2817
https://notcve.org/view.php?id=CVE-2010-2817
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507. Vulnerabilidad no especificada en la implementación de Cisco Adaptive Security Appliances (ASA) para dispositivos de la serie 5500 con software v7.0 anteriores a v7.0(8.11), v7.1 y v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.15), v8.1 anteriores a v8.1(2.44), v8.2 anteriores a v8.2(2.10), y v8.3 anteriores a v8.3(1.1) y Cisco PIX Security Appliances para dispositivos de la serie 500, permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) mediante un mensajes IKE manipulados, también conocido como Bug ID CSCte46507. • http://secunia.com/advisories/40842 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml http://www.securityfocus.com/bid/42190 •
CVE-2008-0028
https://notcve.org/view.php?id=CVE-2008-0028
Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet. Hay una vulnerabilidad no especificada en PIX 500 Series Security Appliance y 5500 Series Adaptive Security Appliance (ASA) de Cisco anterior a las versiones 7.2 (3) 6 y 8.0 (3), cuando la función de decremento de Time-to-Live (TTL) está habilitada, permite que los atacantes remotos causen una denegación de servicio (recarga del dispositivo) por medio de un paquete IP creado. • http://secunia.com/advisories/28625 http://www.cisco.com/warp/public/707/cisco-sa-20080123-asa.shtml http://www.securityfocus.com/bid/27418 http://www.securitytracker.com/id?1019262 http://www.securitytracker.com/id?1019263 http://www.vupen.com/english/advisories/2008/0259 https://exchange.xforce.ibmcloud.com/vulnerabilities/39862 •
CVE-2007-0962
https://notcve.org/view.php?id=CVE-2007-0962
Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic. Cisco PIX 500 y ASA 5500 Series Security Appliances 7.x versiones anteriores a 7.0(4.14), 7.1 versiones anteriores a 7.1(2.1), y el FWSM 2.x versiones anteriores a 2.3(4.12) y 3.x versiones anteriores a 3.1(3.24), cuando "inspect http" está habilitado, permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo) mediante tráfico HTTP mal-formado. • http://osvdb.org/33055 http://secunia.com/advisories/24160 http://secunia.com/advisories/24180 http://securitytracker.com/id?1017651 http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml http://www.securityfocus.com/bid/22561 http://www.securityfocus.com/bid/22562 http://www.securitytracker.com/id?1017652 http://www.vupen.com/english/advisories/2007/0608 https://exchange.x •