Search Results (44 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-4499 1 Cisco 21 Adaptive Security Appliance Software, Pix Asa Ids, Pix Firewall and 18 more 2026-04-16 N/A
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
CVE-1999-1582 1 Cisco 1 Pix Firewall 2026-04-16 N/A
By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.
CVE-1999-0158 1 Cisco 1 Pix Firewall Software 2026-04-16 N/A
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.
CVE-2001-1098 1 Cisco 1 Pix Firewall Manager 2026-04-16 N/A
Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.
CVE-2000-1027 1 Cisco 1 Pix Firewall Software 2026-04-16 N/A
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.
CVE-2006-0515 1 Cisco 4 Adaptive Security Appliance Software, Firewall Services Module, Pix Firewall and 1 more 2026-04-16 N/A
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.
CVE-2002-1024 1 Cisco 4 Catos, Css11000 Content Services Switch, Ios and 1 more 2026-04-16 N/A
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
CVE-2004-0112 24 4d, Apple, Avaya and 21 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2026-04-16 N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2003-1109 1 Cisco 4 Ios, Ip Phone 7940, Ip Phone 7960 and 1 more 2026-04-16 N/A
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
CVE-2003-1004 1 Cisco 2 Pix Firewall, Pix Firewall Software 2026-04-16 N/A
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.
CVE-2000-0613 1 Cisco 1 Pix Firewall 2026-04-16 N/A
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
CVE-2000-1022 1 Cisco 1 Pix Firewall Software 2026-04-16 N/A
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
CVE-2001-0375 1 Cisco 2 Pix Firewall 515, Pix Firewall 520 2026-04-16 N/A
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
CVE-2010-2817 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 N/A
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.
CVE-2010-2814 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.
CVE-2013-0149 1 Cisco 7 Asa 5500, Fwsm, Ios and 4 more 2025-04-11 N/A
The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
CVE-2010-2816 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 N/A
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
CVE-2010-1581 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.
CVE-2010-1579 1 Cisco 19 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 16 more 2025-04-11 N/A
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922.
CVE-2010-2815 1 Cisco 17 Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 and 14 more 2025-04-11 N/A
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.