New User, Welcome!     Login

Next Page >>

Base Score

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

TCP Connection Exhaustion Denial of Service Vulnerability
+--------------------------------------------------------

* CSCsz77717 ("TCP sessions remain in CLOSEWAIT indefinitely")

CVSS Base Score - 7.1
    Access Vector -            Network
    Access Complexity -        Medium
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None

Cisco Security Advisory: Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

Erroneous SIP Processing Vulnerabilities

CSCsq07867 - Memory corruption with traceback in SIP inspection code

CVSS Base Score - 7.8
   Access Vector - Network
   Access Complexity - Low
   Authentication - None
   Confidentiality Impact - None
   Integrity Impact - None

Cisco Security Advisory: Cisco Unified IP Phone Overflow and Denial of Service Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsj74818 - DNS Response Parsing Stack Overflow

CVSS Base Score - 10.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCtb31640 - Unauthenticated CGI Access

CVSS Base Score - 10
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server

http://intellishield.cisco.com/security/alertmanager/cvss.

* CSCtf42005 - Unauthenticated Java Servlet Access

CVSS Base Score - 10
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCtf42008 - Unauthenticated Java Servlet Access

CVSS Base Score - 10
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete

Cisco Security Advisory: SNMP Version 3 Authentication Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsf04754 - IOS SNMPv3 HMAC Authentication issue
- -----------------------------------------------------

CVSS Base Score - 10

        Access Vector            - Network
        Access Complexity        - Low
        Authentication           - None
        Confidentiality Impact   - Complete

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCsj80609 - Memory Leak Due to TCPFUZZ on Port 2444 (CTLProvider)

CVSS Base Score - 7.8
    Access Vector -             Network
    Access Complexity -         Low
    Authentication -            None
    Confidentiality Impact -    None
    Integrity Impact -          None

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCsj80609 - Memory Leak Due to TCPFUZZ on Port 2444 (CTLProvider)

CVSS Base Score - 7.8
    Access Vector -             Network
    Access Complexity -         Low
    Authentication -            None
    Confidentiality Impact -    None
    Integrity Impact -          None

MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021]

* krb5 application services may accept unkeyed PAC checksums
* krb5 KDC may accept low-entropy KrbFastArmoredReq checksums

CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:C/A:N/E:POC/RL:OF/RC:C

CVSSv2 Base Score:      7.1

Access Vector:          Network
Access Complexity:      Medium
Authentication:         None
Confidentiality Impact: None

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator

environmental impact for individual networks at

http://intellishield.cisco.com/security/alertmanager/cvss

CSCtb83495 - Default credentials present on the system
CVSS Base Score - 10
  Access Vector           Network
  Access Complexity       Low
  Authentication          None
  Confidentiality Impact  Complete
  Integrity Impact        Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances

http://intellishield.cisco.com/security/alertmanager/cvss

* AAA account-override-ignore allows VPN session without correct
password (CSCsx47543)

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         None

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsq43828 and CSCsq43229 - Default users and passwords on ACE module
                            and appliance 

CVSS Base Score - 10

 Access Vector           - Network
 Access Complexity       - Low
 Authentication          - None
 Confidentiality Impact  - Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager

http://intellishield.cisco.com/security/alertmanager/cvss


* CSCth39586 ("Core dump when processing certain SIP packets")

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

* CSCtq48990 - CiscoWorks Arbitrary Command Execution Vulnerability

CVSS Base Score - 9.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           Single
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete

ESA-2012-014: RSA enVision Multiple Vulnerabilities

EMC Identifier:ESA-2012-014

CVE Identifiers: CVE-2012-0399, CVE-2012-0400, CVE-2012-0401,
CVE-2012-0402, CVE-2012-0403

Severity Rating: CVSS Base Score: See below for scores for individual
vulnerabilities.

Affected Products:
RSA enVision 4.x

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

CSCtc38985 - CCM Coredump on SCCP StationCapabilitiesRes Message with MaxCap Exceeded

CVSS Base Score - 7.8

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None

MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]

[CVE-2009-0844]
SPNEGO implementation can read beyond buffer end

CVSSv2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C/E:POC/RL:OF/RC:C

CVSSv2 Base Score:      8.5

Access Vector:          Network
Access Complexity:      Low
Authentication:         None
Confidentiality Impact: Partial

Cisco Security Advisory: Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

* ACE Device Manager invalid directory permissions (CSCsv66063)

CVSS Base Score - 9.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           Single
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

http://intellishield.cisco.com/security/alertmanager/cvss


CSCsm84110 - Crafted TCP ACK Packet Vulnerability 

CVSS Base Score - 7.8

    Access Vector          - Network
    Access Complexity      - Low
    Authentication         - None
    Confidentiality Impact - None

ESA-2010-013: RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision® versions prior to 3.7 SP1

people to cause denial of service on the affected system.



Common Vulnerability Scoring System (CVSS) Base Score:

The Common Vulnerability Scoring System (CVSS) Base Score for the items
identified in this advisory is CVSS v2 Base Score: 4
(AV:N/AC:L/Au:S/C:N/I:N/A:P)

MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]

CVE-2011-0281: KDC vulnerable to hang when using LDAP back end

CVSSv2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:H/RL:OF/RC:C

CVSSv2 Base Score:      7.8

Access Vector:          Network
Access Complexity:      Low
Authentication:         None
Confidentiality Impact: None

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCtf97162 - CCM Application Restarts During TCP Flood

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss


* CSCtd10712 ("NAT LDAP Vulnerability")

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

http://intellishield.cisco.com/security/alertmanager/cvss

* CSCti83875 -- Syslog message 302015 may lead to memory corruption and CP lockup

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace

http://intellishield.cisco.com/security/alertmanager/cvss

CSCtc39691 - Insufficient validation of SQL commands

CVSS Base Score - 9

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - Partial

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsx03715 - Malformed HTTP or HTTPS authentication response denial of service vulnerability
+-----------------------------------------------------

CVSS Base Score - 7.8

        Access Vector            - Network
        Access Complexity        - Low
        Authentication           - None
        Confidentiality Impact   - None

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

http://intellishield.cisco.com/security/alertmanager/cvss

* Certain packets may cause WebAuth services to hang or reload the
device (CSCsq44516)

CVSS Base Score - 6.1
    Access Vector -            Adjacent Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None

Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

PXE Encryption Message Decryption Vulnerability - IronPort Bug 8062

CVSS Base Score - 7.1
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - None

Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

http://intellishield.cisco.com/security/alertmanager/cvss

CSCse56800 - SIP-3-BADPAIR register timer expiry causes slow memory
             leak

CVSS Base Score - 7.8

        Access Vector            - Network
        Access Complexity        - Low
        Authentication           - None
        Confidentiality Impact   - None
Next Page>>

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!