Vulnerabilites related to cisco - pix
Vulnerability from fkie_nvd
Published
2008-09-04 16:41
Modified
2025-04-09 00:30
Severity ?
Summary
Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942.
References
psirt@cisco.comhttp://secunia.com/advisories/31730
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
psirt@cisco.comhttp://www.securityfocus.com/bid/30998
psirt@cisco.comhttp://www.securitytracker.com/id?1020810
psirt@cisco.comhttp://www.securitytracker.com/id?1020811
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/44867
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31730
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30998
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020810
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020811
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44867
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942."
    },
    {
      "lang": "es",
      "value": "Cisco PIX  y dispositivos Adaptive Security Appliance 5500(ASA) 7.2 anteriores a 7.2(4)2, 8.0 anterior a 8.0(3)14, y 8.1 anterior a 8.1(1)4, cuando se encuentra configurado como un endpoint VPN, no procesa adecuadamente la autenticaci\u00f3n cliente, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de un intento de autenticaci\u00f3n manipulado, tambi\u00e9n conocido como Bug ID CSCso69942."
    }
  ],
  "id": "CVE-2008-2733",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-04T16:41:00.000",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/31730"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/30998"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1020810"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1020811"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30998"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020810"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020811"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44867"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-05-02 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry.
References
cve@mitre.orghttp://secunia.com/advisories/25109
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml
cve@mitre.orghttp://www.osvdb.org/35332
cve@mitre.orghttp://www.securityfocus.com/bid/23768
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1636Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34021
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25109
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/35332
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23768
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1636Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34021
Impacted products
Vendor Product Version
cisco pix *
cisco pix 7.1
cisco adaptive_security_appliance_software *
cisco adaptive_security_appliance_software 7.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B51668-5055-4B10-9E0F-D25C470C9A80",
              "versionEndIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "051F79C8-3058-4926-A533-73F5A269599E",
              "versionEndIncluding": "7.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.1 anterior a 7.1(2)49 y 7.2 anterior a 7.2(2)17 permite a atacantes remotos provocar denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de vectores desconocidos relacionados con el fin de la conexi\u00f3n VPN y el vencimiento de la contrase\u00f1a."
    }
  ],
  "evaluatorSolution": "The vendor has addressed this issue with a product update. Information can be found at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml",
  "id": "CVE-2007-2463",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-02T22:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35332"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23768"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1636"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/1636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-11-23 00:03
Modified
2025-04-03 01:03
Severity ?
Summary
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
References
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.htmlVendor Advisory
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html
cve@mitre.orghttp://secunia.com/advisories/17670
cve@mitre.orghttp://securitytracker.com/id?1015256
cve@mitre.orghttp://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml
cve@mitre.orghttp://www.kb.cert.org/vuls/id/853540US Government Resource
cve@mitre.orghttp://www.osvdb.org/24140
cve@mitre.orghttp://www.securityfocus.com/archive/1/417458/30/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/426989/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/426991/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/427041/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/15525
cve@mitre.orghttp://www.vupen.com/english/advisories/2005/2546
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/25077
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/25079
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17670
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015256
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/853540US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/24140
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/417458/30/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/426989/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/426991/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/427041/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/15525
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2005/2546
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25077
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25079
Impacted products
Vendor Product Version
cisco pix 6.3
cisco pix 7.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B10C3812-2BA0-4DE3-8793-8F89AD342E30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."
    }
  ],
  "id": "CVE-2005-3774",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-11-23T00:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17670"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015256"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/853540"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/24140"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15525"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2546"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015256"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/853540"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/24140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
References
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022017
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022017
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.0
cisco adaptive_security_appliance_5500 7.1
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.0
cisco pix 7.1
cisco pix 7.2
cisco pix 8.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "235C2CE5-C858-4037-AE35-E6D506301894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277."
    },
    {
      "lang": "es",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances v7.0 anteriores a v7.0(8)1, v7.1 anteriores a v7.1(2)74, v7.2 anteriores a v7.2(4)9, and v8.0 anteriores a v8.0(4)5 no implementan de forma adecuada la denegaci\u00f3n impl\u00edcita, lo que podr\u00eda permitir a atacantes remotos enviar paquetes que sobrepasen las restricciones de acceso impuestas, tambi\u00e9n conocido como Bug ID CSCsq91277."
    }
  ],
  "id": "CVE-2009-1160",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.797",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022017"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-09-04 16:41
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315.
References
psirt@cisco.comhttp://secunia.com/advisories/31730
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
psirt@cisco.comhttp://www.securityfocus.com/bid/30998
psirt@cisco.comhttp://www.securitytracker.com/id?1020808
psirt@cisco.comhttp://www.securitytracker.com/id?1020809
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/44866
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31730
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30998
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020808
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1020809
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44866
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en la funcionalidad de inspecci\u00f3n SIP en Cisco PIX y Adaptive Security Appliance (ASA) 5500 devices 7.0 versiones anteriores a  7.0(7)16, 7.1 versiones anteriores a 7.1(2)71, 7.2 versiones anteriores a 7.2(4)7, 8.0 versiones anteriores a 8.0(3)20, y 8.1 versiones anteriores a 8.1(1)8 permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, y CSCsq39315."
    }
  ],
  "id": "CVE-2008-2732",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-04T16:41:00.000",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/31730"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/30998"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1020808"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1020809"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31730"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30998"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020809"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44866"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2008-10-23 22:00
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
References
psirt@cisco.comhttp://secunia.com/advisories/32360
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml
psirt@cisco.comhttp://www.securityfocus.com/bid/31864
psirt@cisco.comhttp://www.securitytracker.com/id?1021089
psirt@cisco.comhttp://www.securitytracker.com/id?1021090
psirt@cisco.comhttp://www.vupen.com/english/advisories/2008/2899
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/46024
psirt@cisco.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32360
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31864
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021089
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021090
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2899
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/46024
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983
Impacted products
Vendor Product Version
cisco asa_5500 *
cisco pix 7.0
cisco pix 7.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances 7.0 versiones anteriores a 7.0(8)3, 7.1 versiones anteriores a 7.1(2)78, 7.2 versiones anteriores a 7.2(4)16, 8.0 versiones anteriores a 8.0(4)6, y 8.1 versiones anteriores a 8.1(1)13, cuando est\u00e1 configurado como una VPN utilizando la autenticaci\u00f3n del dominio de Microsoft Windows NT, permite a atacantes remotos evitar la autenticaci\u00f3n VPN a trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2008-3815",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-10-23T22:00:01.137",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/32360"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/31864"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1021089"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1021090"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2008/2899"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46024"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32360"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2899"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46024"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
References
psirt@cisco.comhttp://osvdb.org/53441
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022016
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53441
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022016
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.1
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances v7.1(1) hasta v7.1(2)82, v7.2 anteriores a v7.2(4)27, v8.0 anteriores a v8.0(4)25, y v8.1 anteriores a v8.1(2)15, cuando introducimos en un campo de atributo general AAA, permite a atacantes remotos saltarse la autenticaci\u00f3n y establecer una sesi\u00f3n VPN a un dispositivo ASO mediante vectores no especificados."
    }
  ],
  "evaluatorImpact": "Per vendor advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml\r\n\r\n\"VPN Authentication Bypass Vulnerability\r\n\r\nCisco ASA or Cisco PIX security appliances that are configured for IPsec or SSL-based remote access VPN and have the Override Account Disabled feature enabled are affected by this vulnerability.\r\n\r\nNote:  The Override Account Disabled feature was introduced in Cisco ASA software version 7.1(1). Cisco ASA and PIX software versions 7.1, 7.2, 8.0, and 8.1 are affected by this vulnerability. This feature is disabled by default. \"",
  "id": "CVE-2009-1155",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.703",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53441"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022016"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
References
psirt@cisco.comhttp://osvdb.org/53442
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022015
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53442
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022015
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no espec\u00edfica en Cisco Adaptive Security Appliances (ASA) 5500 Series devices v8.0 anteriores a v8.0(4)25 y v8.1 anteriores a v8.1(2)15, cuando est\u00e1 configurado el acceso SSL VPN o ASDM, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de un paquete manipulado (1) SSL o (2) HTTP."
    }
  ],
  "evaluatorImpact": "Per vendor advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml\r\n\r\nVPN Authentication Bypass Vulnerability\r\n\r\nThe Cisco ASA or Cisco PIX security appliance can be configured to override an account-disabled indication from a AAA server and allow the user to log on anyway. However, the user must provide the correct credentials in order to login to the VPN. A vulnerability exists in the Cisco ASA and Cisco PIX security appliances where VPN users can bypass authentication when the override account feature is enabled.\r\n\r\nNote:  The override account feature was introduced in Cisco ASA software version 7.1(1).\r\n\r\nThe override account feature is enabled with the override-account-disable command in tunnel-group general-attributes configuration mode, as shown in the following example. The following example allows overriding the \"account-disabled\" indicator from the AAA server for the WebVPN tunnel group \"testgroup\":\r\n\r\n    hostname(config)#tunnel-group testgroup type webvpn\r\n    hostname(config)#tunnel-group testgroup general-attributes\r\n    hostname(config-tunnel-general)#override-account-disable\r\n\r\nNote:  The override account feature is disabled by default.",
  "id": "CVE-2009-1156",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.7,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.717",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53442"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53442"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
References
psirt@cisco.comhttp://osvdb.org/53445
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022015
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53445
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022015
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.0
cisco adaptive_security_appliance_5500 7.1
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.0
cisco pix 7.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "235C2CE5-C858-4037-AE35-E6D506301894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet."
    },
    {
      "lang": "es",
      "value": "Fuga de memoria en Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances v7.0 anteriores a v7.0(8)6, v7.1 anteriores a v7.1(2)82, v7.2 anteriores a v7.2(4)30, v8.0 anteriores a v8.0(4)28, y v8.1 anteriores a v8.1(2)19 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y recarga del dispositivo) a trav\u00e9s de una paquete TCP manipulado.\r\n"
    }
  ],
  "evaluatorImpact": "Per vendor advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml\r\n\r\nCrafted TCP Packet DoS Vulnerability\r\n\r\nCisco ASA and Cisco PIX security appliances may experience a memory leak that can be triggered by a series of crafted TCP packets. Cisco ASA and Cisco PIX security appliances running versions 7.0, 7.1, 7.2, 8.0, and 8.1 are affected when configured for any of the following features:\r\n\r\n    * SSL VPNs\r\n    * ASDM Administrative Access\r\n    * Telnet Access\r\n    * SSH Access\r\n    * Cisco Tunneling Control Protocol (cTCP) for Remote Access VPNs\r\n    * Virtual Telnet\r\n    * Virtual HTTP\r\n    * Transport Layer Security (TLS) Proxy for Encrypted Voice Inspection\r\n    * Cut-Through Proxy for Network Access\r\n    * TCP Intercept",
  "id": "CVE-2009-1157",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.750",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53445"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-05-02 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
References
cve@mitre.orghttp://secunia.com/advisories/25109
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtmlPatch
cve@mitre.orghttp://www.kb.cert.org/vuls/id/210876US Government Resource
cve@mitre.orghttp://www.osvdb.org/35331
cve@mitre.orghttp://www.securityfocus.com/bid/23768
cve@mitre.orghttp://www.securitytracker.com/id?1017994
cve@mitre.orghttp://www.securitytracker.com/id?1017995
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1636
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34020
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25109
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/210876US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/35331
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23768
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017994
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017995
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1636
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34020
Impacted products
Vendor Product Version
cisco pix *
cisco pix 7.1
cisco adaptive_security_appliance_software *
cisco adaptive_security_appliance_software 7.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B51668-5055-4B10-9E0F-D25C470C9A80",
              "versionEndIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "051F79C8-3058-4926-A533-73F5A269599E",
              "versionEndIncluding": "7.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 before 7.2(2)8, cuando utilizan Layer 2 Tunneling Protocol (L2TP) o Remote Management Access, permite a atacantes remotos evitar la validaci\u00f3n LDAP y ganar privilegios a trav\u00e9s de vectores desconocidos."
    }
  ],
  "evaluatorSolution": "The vendor has addressed this issue with the following update:\r\nhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml",
  "id": "CVE-2007-2462",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-02T22:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/210876"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35331"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23768"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017994"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017995"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1636"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/210876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34020"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-05-02 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.
References
cve@mitre.orghttp://secunia.com/advisories/25109
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_response09186a0080833172.htmlPatch
cve@mitre.orghttp://www.kb.cert.org/vuls/id/530057Patch, US Government Resource
cve@mitre.orghttp://www.osvdb.org/35330
cve@mitre.orghttp://www.securityfocus.com/bid/23763
cve@mitre.orghttp://www.securitytracker.com/id?1017999
cve@mitre.orghttp://www.securitytracker.com/id?1018000
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1635
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34026
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25109
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_response09186a0080833172.htmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/530057Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/35330
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23763
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017999
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018000
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1635
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34026
Impacted products
Vendor Product Version
cisco pix 7.2
cisco adaptive_security_appliance_software 7.2.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer.  NOTE: this issue only occurs when multiple DHCP servers are used."
    },
    {
      "lang": "es",
      "value": "El agente transmisor DHCP en Cisco Adaptive Security Appliance (ASA) y PIX 7.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (abandono de paquetes) mediante un mensaje DHCPREQUEST o DHCPINFORM que provoca que m\u00faltiples mensajes DHCPACK sean enviados desde servidores DHCP al agente, lo cual consume la memoria reservada para un b\u00fafer local. NOTA: esta situaci\u00f3n s\u00f3lo se da cuando se usan m\u00faltiples servidores DHCP."
    }
  ],
  "id": "CVE-2007-2461",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-02T22:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/530057"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35330"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23763"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017999"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018000"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1635"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/530057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018000"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-05-02 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
References
cve@mitre.orghttp://secunia.com/advisories/25109
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/337508US Government Resource
cve@mitre.orghttp://www.osvdb.org/35333
cve@mitre.orghttp://www.securityfocus.com/bid/23768
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/1636
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34023
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25109
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/337508US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/35333
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/23768
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1636
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34023
Impacted products
Vendor Product Version
cisco pix *
cisco pix 7.1
cisco adaptive_security_appliance_software *
cisco adaptive_security_appliance_software 7.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:pix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B51668-5055-4B10-9E0F-D25C470C9A80",
              "versionEndIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "051F79C8-3058-4926-A533-73F5A269599E",
              "versionEndIncluding": "7.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using \"clientless SSL VPNs,\" allows remote attackers to cause a denial of service (device reload) via \"non-standard SSL sessions.\""
    },
    {
      "lang": "es",
      "value": "Condici\u00f3n de carrera en el Cisco Adaptive Security Appliance (ASA) y en el PIX 7.1 anterior al 7.1(2)49 y el 7.2 anterior al 7.2(2)19, cuando se utiliza \"VPNs SSL sin cliente\", permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recargar el dispositivo) a trav\u00e9s de \"sesiones SSL no est\u00e1ndar\"."
    }
  ],
  "evaluatorSolution": "The vendor has addressed this issue with a product update. Information can be found at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml",
  "id": "CVE-2007-2464",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-05-02T22:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/337508"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/35333"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23768"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/1636"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34023"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/25109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/337508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/35333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34023"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.
References
psirt@cisco.comhttp://osvdb.org/53444
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022015
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53444
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022015
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.0
cisco adaptive_security_appliance_5500 7.1
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.0
cisco pix 7.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "235C2CE5-C858-4037-AE35-E6D506301894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no espec\u00edfica en Cisco Adaptive Security Appliances (ASA) 5500 Series dispositivos v7.0 anteriores a v7.0(8)6, v7.1 anteriores a v7.1(2)82, v7.2 anteriores a v7.2(4)26, v8.0 anteriores a v8.0(4)24, y v8.1 anteriores a v8.1(2)14, cuando la inspecci\u00f3n H.323 est\u00e1 habilitado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de un paquete h.323 manipulado."
    }
  ],
  "id": "CVE-2009-1158",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.767",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53444"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53444"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
References
psirt@cisco.comhttp://osvdb.org/53446
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022015
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53446
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022015
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no espec\u00edfica en Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances v7.2 anteriores a v7.2(4)26, v8.0 anteriores a v8.0(4)22, y v8.1 anteriores a v8.1(2)12, cuando la inspecci\u00f3n SQL*Net est\u00e1 activada, permite a los atacantes remotos provocar una denegaci\u00f3n de servicio (rastreo y recarga del dispositivo) a trav\u00e9s de series de paquetes SQL*Net."
    }
  ],
  "id": "CVE-2009-1159",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.780",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53446"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53446"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-2462 (GCVE-0-2007-2462)
Vulnerability from cvelistv5
Published
2007-05-02 22:00
Modified
2024-08-07 13:42
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.
References
http://www.securitytracker.com/id?1017994 vdb-entry, x_refsource_SECTRACK
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml vendor-advisory, x_refsource_CISCO
http://www.kb.cert.org/vuls/id/210876 third-party-advisory, x_refsource_CERT-VN
https://exchange.xforce.ibmcloud.com/vulnerabilities/34020 vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/1636 vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1017995 vdb-entry, x_refsource_SECTRACK
http://www.osvdb.org/35331 vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/bid/23768 vdb-entry, x_refsource_BID
http://secunia.com/advisories/25109 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:32.339Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1017994",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017994"
          },
          {
            "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
          },
          {
            "name": "VU#210876",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/210876"
          },
          {
            "name": "cisco-asa-ldap-authentication-bypass(34020)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34020"
          },
          {
            "name": "ADV-2007-1636",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1636"
          },
          {
            "name": "1017995",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017995"
          },
          {
            "name": "35331",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35331"
          },
          {
            "name": "23768",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23768"
          },
          {
            "name": "25109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1017994",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017994"
        },
        {
          "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
        },
        {
          "name": "VU#210876",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/210876"
        },
        {
          "name": "cisco-asa-ldap-authentication-bypass(34020)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34020"
        },
        {
          "name": "ADV-2007-1636",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1636"
        },
        {
          "name": "1017995",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017995"
        },
        {
          "name": "35331",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35331"
        },
        {
          "name": "23768",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23768"
        },
        {
          "name": "25109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2462",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1017994",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017994"
            },
            {
              "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
            },
            {
              "name": "VU#210876",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/210876"
            },
            {
              "name": "cisco-asa-ldap-authentication-bypass(34020)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34020"
            },
            {
              "name": "ADV-2007-1636",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1636"
            },
            {
              "name": "1017995",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017995"
            },
            {
              "name": "35331",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35331"
            },
            {
              "name": "23768",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23768"
            },
            {
              "name": "25109",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2462",
    "datePublished": "2007-05-02T22:00:00",
    "dateReserved": "2007-05-02T00:00:00",
    "dateUpdated": "2024-08-07T13:42:32.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1160 (GCVE-0-2009-1160)
Vulnerability from cvelistv5
Published
2009-04-09 15:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
References
http://www.vupen.com/english/advisories/2009/0981 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/34429 vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/34607 third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1022017 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:48.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "1022017",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "1022017",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022017"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1160",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "1022017",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022017"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1160",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:48.999Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1155 (GCVE-0-2009-1155)
Vulnerability from cvelistv5
Published
2009-04-09 15:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
References
http://www.securitytracker.com/id?1022016 vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2009/0981 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/34429 vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/34607 third-party-advisory, x_refsource_SECUNIA
http://osvdb.org/53441 vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.477Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1022016",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022016"
          },
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "53441",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53441"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1022016",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022016"
        },
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "53441",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53441"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1155",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1022016",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022016"
            },
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "53441",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53441"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1155",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3774 (GCVE-0-2005-3774)
Vulnerability from cvelistv5
Published
2005-11-23 00:00
Modified
2024-08-07 23:24
Severity ?
CWE
  • n/a
Summary
Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:24:36.214Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015256",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015256"
          },
          {
            "name": "cisco-pix-ttl-dos(25079)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"
          },
          {
            "name": "cisco-pix-tcp-data-field-dos(25077)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"
          },
          {
            "name": "24140",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/24140"
          },
          {
            "name": "15525",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15525"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"
          },
          {
            "name": "20051122 Cisco PIX TCP Connection Prevention",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"
          },
          {
            "name": "20060307 Cisco PIX embryonic state machine 1b data DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"
          },
          {
            "name": "20051128 Response to Cisco PIX TCP Connection Prevention",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"
          },
          {
            "name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"
          },
          {
            "name": "VU#853540",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/853540"
          },
          {
            "name": "17670",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17670"
          },
          {
            "name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"
          },
          {
            "name": "ADV-2005-2546",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2546"
          },
          {
            "name": "20051122 Cisco PIX TCP Connection Prevention",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"
          },
          {
            "name": "20051122 Cisco PIX TCP Connection Prevention",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-11-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015256",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015256"
        },
        {
          "name": "cisco-pix-ttl-dos(25079)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"
        },
        {
          "name": "cisco-pix-tcp-data-field-dos(25077)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"
        },
        {
          "name": "24140",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/24140"
        },
        {
          "name": "15525",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15525"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"
        },
        {
          "name": "20051122 Cisco PIX TCP Connection Prevention",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"
        },
        {
          "name": "20060307 Cisco PIX embryonic state machine 1b data DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"
        },
        {
          "name": "20051128 Response to Cisco PIX TCP Connection Prevention",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"
        },
        {
          "name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"
        },
        {
          "name": "VU#853540",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/853540"
        },
        {
          "name": "17670",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17670"
        },
        {
          "name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"
        },
        {
          "name": "ADV-2005-2546",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2546"
        },
        {
          "name": "20051122 Cisco PIX TCP Connection Prevention",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"
        },
        {
          "name": "20051122 Cisco PIX TCP Connection Prevention",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3774",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of \"meaningless data,\" or (3) a TTL that is one less than needed to reach the internal destination."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015256",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015256"
            },
            {
              "name": "cisco-pix-ttl-dos(25079)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25079"
            },
            {
              "name": "cisco-pix-tcp-data-field-dos(25077)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25077"
            },
            {
              "name": "24140",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/24140"
            },
            {
              "name": "15525",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15525"
            },
            {
              "name": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html"
            },
            {
              "name": "20051122 Cisco PIX TCP Connection Prevention",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html"
            },
            {
              "name": "20060307 Cisco PIX embryonic state machine 1b data DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426989/100/0/threaded"
            },
            {
              "name": "20051128 Response to Cisco PIX TCP Connection Prevention",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml"
            },
            {
              "name": "20060307 Cisco PIX embryonic state machine TTL(n-1) DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/426991/100/0/threaded"
            },
            {
              "name": "VU#853540",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/853540"
            },
            {
              "name": "17670",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17670"
            },
            {
              "name": "20060307 RE: Cisco PIX embryonic state machine 1b data DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/427041/100/0/threaded"
            },
            {
              "name": "ADV-2005-2546",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2546"
            },
            {
              "name": "20051122 Cisco PIX TCP Connection Prevention",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/417458/30/0/threaded"
            },
            {
              "name": "20051122 Cisco PIX TCP Connection Prevention",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3774",
    "datePublished": "2005-11-23T00:00:00",
    "dateReserved": "2005-11-22T00:00:00",
    "dateUpdated": "2024-08-07T23:24:36.214Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3815 (GCVE-0-2008-3815)
Vulnerability from cvelistv5
Published
2008-10-23 21:00
Modified
2024-08-07 09:53
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1021090",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021090"
          },
          {
            "name": "oval:org.mitre.oval:def:5983",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983"
          },
          {
            "name": "31864",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31864"
          },
          {
            "name": "32360",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32360"
          },
          {
            "name": "1021089",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021089"
          },
          {
            "name": "cisco-pix-asa-ntdomain-authentication-bypass(46024)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46024"
          },
          {
            "name": "20081022 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml"
          },
          {
            "name": "ADV-2008-2899",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2899"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-10-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1021090",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021090"
        },
        {
          "name": "oval:org.mitre.oval:def:5983",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983"
        },
        {
          "name": "31864",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31864"
        },
        {
          "name": "32360",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32360"
        },
        {
          "name": "1021089",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021089"
        },
        {
          "name": "cisco-pix-asa-ntdomain-authentication-bypass(46024)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46024"
        },
        {
          "name": "20081022 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml"
        },
        {
          "name": "ADV-2008-2899",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2899"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-3815",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1021090",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021090"
            },
            {
              "name": "oval:org.mitre.oval:def:5983",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5983"
            },
            {
              "name": "31864",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31864"
            },
            {
              "name": "32360",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32360"
            },
            {
              "name": "1021089",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021089"
            },
            {
              "name": "cisco-pix-asa-ntdomain-authentication-bypass(46024)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46024"
            },
            {
              "name": "20081022 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a183ba.shtml"
            },
            {
              "name": "ADV-2008-2899",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2899"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2008-3815",
    "datePublished": "2008-10-23T21:00:00",
    "dateReserved": "2008-08-27T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2464 (GCVE-0-2007-2464)
Vulnerability from cvelistv5
Published
2007-05-02 22:00
Modified
2024-08-07 13:42
Severity ?
CWE
  • n/a
Summary
Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions."
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml vendor-advisory, x_refsource_CISCO
https://exchange.xforce.ibmcloud.com/vulnerabilities/34023 vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2007/1636 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/23768 vdb-entry, x_refsource_BID
http://secunia.com/advisories/25109 third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/35333 vdb-entry, x_refsource_OSVDB
http://www.kb.cert.org/vuls/id/337508 third-party-advisory, x_refsource_CERT-VN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:32.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
          },
          {
            "name": "cisco-asa-ssl-vpn-dos(34023)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34023"
          },
          {
            "name": "ADV-2007-1636",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1636"
          },
          {
            "name": "23768",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23768"
          },
          {
            "name": "25109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25109"
          },
          {
            "name": "35333",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35333"
          },
          {
            "name": "VU#337508",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/337508"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using \"clientless SSL VPNs,\" allows remote attackers to cause a denial of service (device reload) via \"non-standard SSL sessions.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
        },
        {
          "name": "cisco-asa-ssl-vpn-dos(34023)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34023"
        },
        {
          "name": "ADV-2007-1636",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1636"
        },
        {
          "name": "23768",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23768"
        },
        {
          "name": "25109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25109"
        },
        {
          "name": "35333",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35333"
        },
        {
          "name": "VU#337508",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/337508"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2464",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using \"clientless SSL VPNs,\" allows remote attackers to cause a denial of service (device reload) via \"non-standard SSL sessions.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
            },
            {
              "name": "cisco-asa-ssl-vpn-dos(34023)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34023"
            },
            {
              "name": "ADV-2007-1636",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1636"
            },
            {
              "name": "23768",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23768"
            },
            {
              "name": "25109",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25109"
            },
            {
              "name": "35333",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35333"
            },
            {
              "name": "VU#337508",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/337508"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2464",
    "datePublished": "2007-05-02T22:00:00",
    "dateReserved": "2007-05-02T00:00:00",
    "dateUpdated": "2024-08-07T13:42:32.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1156 (GCVE-0-2009-1156)
Vulnerability from cvelistv5
Published
2009-04-09 15:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet.
References
http://www.vupen.com/english/advisories/2009/0981 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/34429 vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/34607 third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1022015 vdb-entry, x_refsource_SECTRACK
http://osvdb.org/53442 vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:48.939Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "1022015",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022015"
          },
          {
            "name": "53442",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53442"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "1022015",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022015"
        },
        {
          "name": "53442",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53442"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1156",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "1022015",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022015"
            },
            {
              "name": "53442",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53442"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1156",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:48.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1158 (GCVE-0-2009-1158)
Vulnerability from cvelistv5
Published
2009-04-09 15:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet.
References
http://www.vupen.com/english/advisories/2009/0981 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/34429 vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/34607 third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id?1022015 vdb-entry, x_refsource_SECTRACK
http://osvdb.org/53444 vdb-entry, x_refsource_OSVDB
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.268Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "1022015",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022015"
          },
          {
            "name": "53444",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53444"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "1022015",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022015"
        },
        {
          "name": "53444",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53444"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1158",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "1022015",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022015"
            },
            {
              "name": "53444",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53444"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1158",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.268Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1159 (GCVE-0-2009-1159)
Vulnerability from cvelistv5
Published
2009-04-09 15:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets.
References
http://www.vupen.com/english/advisories/2009/0981 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/34429 vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/34607 third-party-advisory, x_refsource_SECUNIA
http://osvdb.org/53446 vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1022015 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.326Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "53446",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53446"
          },
          {
            "name": "1022015",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022015"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "53446",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53446"
        },
        {
          "name": "1022015",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022015"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1159",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "53446",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53446"
            },
            {
              "name": "1022015",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022015"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1159",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2461 (GCVE-0-2007-2461)
Vulnerability from cvelistv5
Published
2007-05-02 22:00
Modified
2024-08-07 13:42
Severity ?
CWE
  • n/a
Summary
The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used.
References
http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/23763 vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1017999 vdb-entry, x_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/530057 third-party-advisory, x_refsource_CERT-VN
http://www.vupen.com/english/advisories/2007/1635 vdb-entry, x_refsource_VUPEN
http://www.securitytracker.com/id?1018000 vdb-entry, x_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/34026 vdb-entry, x_refsource_XF
http://www.osvdb.org/35330 vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/25109 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:32.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070502 DHCP Relay Agent Vulnerability in Cisco PIX and ASA Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"
          },
          {
            "name": "23763",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23763"
          },
          {
            "name": "1017999",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017999"
          },
          {
            "name": "VU#530057",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/530057"
          },
          {
            "name": "ADV-2007-1635",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1635"
          },
          {
            "name": "1018000",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018000"
          },
          {
            "name": "cisco-asa-dhcp-dos(34026)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"
          },
          {
            "name": "35330",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35330"
          },
          {
            "name": "25109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer.  NOTE: this issue only occurs when multiple DHCP servers are used."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070502 DHCP Relay Agent Vulnerability in Cisco PIX and ASA Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"
        },
        {
          "name": "23763",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23763"
        },
        {
          "name": "1017999",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017999"
        },
        {
          "name": "VU#530057",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/530057"
        },
        {
          "name": "ADV-2007-1635",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1635"
        },
        {
          "name": "1018000",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018000"
        },
        {
          "name": "cisco-asa-dhcp-dos(34026)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"
        },
        {
          "name": "35330",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35330"
        },
        {
          "name": "25109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2461",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer.  NOTE: this issue only occurs when multiple DHCP servers are used."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070502 DHCP Relay Agent Vulnerability in Cisco PIX and ASA Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080833172.html"
            },
            {
              "name": "23763",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23763"
            },
            {
              "name": "1017999",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017999"
            },
            {
              "name": "VU#530057",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/530057"
            },
            {
              "name": "ADV-2007-1635",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1635"
            },
            {
              "name": "1018000",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018000"
            },
            {
              "name": "cisco-asa-dhcp-dos(34026)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34026"
            },
            {
              "name": "35330",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35330"
            },
            {
              "name": "25109",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2461",
    "datePublished": "2007-05-02T22:00:00",
    "dateReserved": "2007-05-02T00:00:00",
    "dateUpdated": "2024-08-07T13:42:32.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-2463 (GCVE-0-2007-2463)
Vulnerability from cvelistv5
Published
2007-05-02 22:00
Modified
2024-08-07 13:42
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry.
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml vendor-advisory, x_refsource_CISCO
http://www.osvdb.org/35332 vdb-entry, x_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/1636 vdb-entry, x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/34021 vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/23768 vdb-entry, x_refsource_BID
http://secunia.com/advisories/25109 third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:42:32.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
          },
          {
            "name": "35332",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/35332"
          },
          {
            "name": "ADV-2007-1636",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1636"
          },
          {
            "name": "cisco-asa-vpn-dos(34021)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
          },
          {
            "name": "23768",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23768"
          },
          {
            "name": "25109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
        },
        {
          "name": "35332",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/35332"
        },
        {
          "name": "ADV-2007-1636",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1636"
        },
        {
          "name": "cisco-asa-vpn-dos(34021)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
        },
        {
          "name": "23768",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23768"
        },
        {
          "name": "25109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2463",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070502 LDAP and VPN Vulnerabilities in PIX and ASA Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml"
            },
            {
              "name": "35332",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/35332"
            },
            {
              "name": "ADV-2007-1636",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1636"
            },
            {
              "name": "cisco-asa-vpn-dos(34021)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34021"
            },
            {
              "name": "23768",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23768"
            },
            {
              "name": "25109",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2463",
    "datePublished": "2007-05-02T22:00:00",
    "dateReserved": "2007-05-02T00:00:00",
    "dateUpdated": "2024-08-07T13:42:32.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-2732 (GCVE-0-2008-2732)
Vulnerability from cvelistv5
Published
2008-09-04 16:00
Modified
2024-08-07 09:14
Severity ?
CWE
  • n/a
Summary
Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:14:14.675Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1020808",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020808"
          },
          {
            "name": "20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
          },
          {
            "name": "20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
          },
          {
            "name": "31730",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31730"
          },
          {
            "name": "cisco-pix-asa-sipinspection-dos(44866)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44866"
          },
          {
            "name": "1020809",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020809"
          },
          {
            "name": "30998",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30998"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1020808",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020808"
        },
        {
          "name": "20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
        },
        {
          "name": "20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
        },
        {
          "name": "31730",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31730"
        },
        {
          "name": "cisco-pix-asa-sipinspection-dos(44866)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44866"
        },
        {
          "name": "1020809",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020809"
        },
        {
          "name": "30998",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30998"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-2732",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1020808",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020808"
            },
            {
              "name": "20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
            },
            {
              "name": "20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
            },
            {
              "name": "31730",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31730"
            },
            {
              "name": "cisco-pix-asa-sipinspection-dos(44866)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44866"
            },
            {
              "name": "1020809",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020809"
            },
            {
              "name": "30998",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30998"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2008-2732",
    "datePublished": "2008-09-04T16:00:00",
    "dateReserved": "2008-06-16T00:00:00",
    "dateUpdated": "2024-08-07T09:14:14.675Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-2733 (GCVE-0-2008-2733)
Vulnerability from cvelistv5
Published
2008-09-04 16:00
Modified
2024-08-07 09:14
Severity ?
CWE
  • n/a
Summary
Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:14:14.172Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
          },
          {
            "name": "cisco-pix-asa-ipsecclientauth-dos(44867)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44867"
          },
          {
            "name": "1020811",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020811"
          },
          {
            "name": "20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
          },
          {
            "name": "1020810",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020810"
          },
          {
            "name": "31730",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31730"
          },
          {
            "name": "30998",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/30998"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
        },
        {
          "name": "cisco-pix-asa-ipsecclientauth-dos(44867)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44867"
        },
        {
          "name": "1020811",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020811"
        },
        {
          "name": "20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
        },
        {
          "name": "1020810",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020810"
        },
        {
          "name": "31730",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31730"
        },
        {
          "name": "30998",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/30998"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2008-2733",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml"
            },
            {
              "name": "cisco-pix-asa-ipsecclientauth-dos(44867)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44867"
            },
            {
              "name": "1020811",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020811"
            },
            {
              "name": "20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa"
            },
            {
              "name": "1020810",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020810"
            },
            {
              "name": "31730",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31730"
            },
            {
              "name": "30998",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/30998"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2008-2733",
    "datePublished": "2008-09-04T16:00:00",
    "dateReserved": "2008-06-16T00:00:00",
    "dateUpdated": "2024-08-07T09:14:14.172Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1157 (GCVE-0-2009-1157)
Vulnerability from cvelistv5
Published
2009-04-09 15:00
Modified
2024-08-07 05:04
Severity ?
CWE
  • n/a
Summary
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet.
References
http://www.vupen.com/english/advisories/2009/0981 vdb-entry, x_refsource_VUPEN
http://www.securityfocus.com/bid/34429 vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/34607 third-party-advisory, x_refsource_SECUNIA
http://osvdb.org/53445 vdb-entry, x_refsource_OSVDB
http://www.securitytracker.com/id?1022015 vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:49.092Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-0981",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0981"
          },
          {
            "name": "34429",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34429"
          },
          {
            "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
          },
          {
            "name": "34607",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34607"
          },
          {
            "name": "53445",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/53445"
          },
          {
            "name": "1022015",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022015"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-04-16T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "ADV-2009-0981",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0981"
        },
        {
          "name": "34429",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34429"
        },
        {
          "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
        },
        {
          "name": "34607",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34607"
        },
        {
          "name": "53445",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/53445"
        },
        {
          "name": "1022015",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022015"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1157",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-0981",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0981"
            },
            {
              "name": "34429",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34429"
            },
            {
              "name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
            },
            {
              "name": "34607",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34607"
            },
            {
              "name": "53445",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/53445"
            },
            {
              "name": "1022015",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022015"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1157",
    "datePublished": "2009-04-09T15:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:49.092Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}