New User, Welcome!     Login

Next Page >>

Cisco ASA

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security
Appliances and Cisco Catalyst 6500 Series ASA Services Module

Advisory ID: cisco-sa-20120314-asa

Revision 1.0

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500
Series Adaptive Security Appliances

Advisory ID: cisco-sa-20110223-asa

Revision 1.0

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive
Security Appliance and Cisco PIX Security Appliances

Advisory ID: cisco-sa-20090408-asa

http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500
Series Adaptive Security Appliances

Advisory ID: cisco-sa-20100804-asa

http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500
Series Adaptive Security Appliances

Advisory ID: cisco-sa-20100217-asa

Revision 1.0

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security
Appliance Clientless VPN ActiveX Control Remote Code Execution
Vulnerability

Advisory ID: cisco-sa-20120314-asaclient

Revision 1.0

Cisco Security Advisory: Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASA

Summary
=======

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive
Security Appliances and Cisco PIX Security Appliances that may result
in a reload of the device or disclosure of confidential information.
This security advisory outlines details of the following
vulnerabilities:

  * Erroneous SIP Processing Vulnerabilities

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

Summary
=======

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive
Security Appliances and Cisco PIX Security Appliances. This security
advisory outlines details of these vulnerabilities:

  * Crafted TCP ACK Packet Vulnerability
  * Crafted TLS Packet Vulnerability
  * Instant Messenger Inspection Vulnerability

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

Summary
=======

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive
Security Appliances and Cisco PIX Security Appliances. This security
advisory outlines details of these vulnerabilities:

  * Windows NT Domain Authentication Bypass Vulnerability
  * IPv6 Denial of Service Vulnerability
  * Crypto Accelerator Memory Leak Vulnerability

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500
Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA
Services Module

Advisory ID: cisco-sa-20111005-asa

Revision 1.0

Trustwave's SpiderLabs Security Advisory TWSL2009-002

Vendor: Cisco Systems, Inc. (http://www.cisco.com)

Versions affected: 8.0(4), 8.1.2, and 8.2.1

Description: Cisco's Adaptive Security Appliance (ASA)
provides a number of security related features, including
"Web VPN" functionality that allows authenticated users to
access a variety of content through a web interface. This
includes other web content, FTP servers, and CIFS file
servers.

[SWRX-2010-001] Cisco ASA HTTP Response Splitting Vulnerability

Release mode: Coordinated release
Discovered by: Daniel King, SecureWorks


Summary
Cisco Adaptive Security Appliance (ASA) is vulnerable to HTTP response splitting caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s web browser within the security context of the Adaptive Security Appliance site.


Affected Products
Cisco ASA version 8.1(1) and earlier.

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

This advisory is posted at:

http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml

Note:  The Cisco ASA 5500 Series Adaptive Security Appliances are
affected by the SunRPC inspection vulnerabilities described in this
advisory. A separate Cisco Security Advisory has been published to
disclose this and other vulnerabilities that affect the Cisco ASA
5500 Series Adaptive Security Appliances. The advisory is available
at:

RE: Cisco Security Advisory: Cisco PIX and ASA Time-to-Live Vulnerability

Summary
=======

A crafted IP packet vulnerability exists in the Cisco PIX 500 Series
Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security
Appliance (ASA) that may result in a reload of the device. This
vulnerability is triggered during processing of a crafted IP packet when
the Time-to-Live (TTL) decrement feature is enabled.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0028 has
been assigned to this vulnerability.

Cisco Security Advisory: Cisco PIX and ASA Time-to-Live Vulnerability

Summary
=======

A crafted IP packet vulnerability exists in the Cisco PIX 500 Series
Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security
Appliance (ASA) that may result in a reload of the device. This
vulnerability is triggered during processing of a crafted IP packet when
the Time-to-Live (TTL) decrement feature is enabled.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0028 has
been assigned to this vulnerability.

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA Appliances

Summary
=======

Two crafted packet vulnerabilities exist in the Cisco PIX 500 Series
Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security
Appliance (ASA) that may result in a reload of the device. These
vulnerabilities are triggered during processing of Media Gateway
Control Protocol (MGCP) packets, or during processing of Transport
Layer Security (TLS) traffic that terminates on the PIX or ASA security
appliance.

Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability

http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=3.5.841&mdfid=280277835&sftType=CSD+package-+ASA+Distribution&optPlat=&nodecount=2&edesignator=null&modelName=Cisco+Secure+Desktop&treeMdfId=268438162&treeName=Security&modifmdfid=null&imname=&hybrid=&imst=&lr=Y

Note: Cisco Secure Desktop versions 3.0 and 3.1 are only supported
for operation with certain versions of Cisco IOS software and Cisco
Adaptive Security Appliance (ASA) software version 7.x. Cisco Secure
Desktop versions 3.2 through 3.5 are only supported for operation
with Cisco ASA software version 8.x. Customers running Cisco Secure
Desktop versions 3.2 through 3.5 with a supported Cisco ASA software
version are encouraged to upgrade to Cisco Secure Desktop version
3.5.841.

[ISecAuditors Security Advisories] Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass

- Severity: 4/10 (CVSS Base Score)
=============================================

I. VULNERABILITY
-------------------------
Cisco ASA <= 8.x VPN SSL module Clientless URL-list control bypass

II. BACKGROUND
-------------------------
Cisco VPN SSL [1] is a module for Cisco ASA and Cisco Integrated
Services Routers to extend network resources to virtually any remote

Cisco Security Advisory: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability

    FWSM Version: 3.2(2)10

Products Confirmed Not Vulnerable
+--------------------------------

The Cisco ASA 5500 Series Adaptive Security Appliances are affected
by the vulnerability in this advisory. A separate Cisco Security
Advisory has been published to disclose this and other
vulnerabilities that affect the Cisco ASA 5500 Series Adaptive
Security Appliances. The advisory is available at:

Cisco Security Advisory: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability

vulnerability.

This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20110223-fwsm.shtml.

Note: Cisco ASA 5500 Series Adaptive Security Appliances are
affected by the vulnerability described in this advisory. A
separate Cisco Security Advisory has been published to disclose
this and other vulnerabilities that affect the Cisco ASA 5500
Series Adaptive Security Appliances. The advisory is available at
http://www.cisco.com/warp/public/707/cisco-sa-20110223-asa.shtml.

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module

vulnerabilities disclosed in this advisory.

This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml

Note: Cisco ASA 5500 Series Adaptive Security Appliances and the
Cisco Catalyst 6500 Series ASA Services Module are affected by some
of the vulnerabilities described in this advisory. A separate Cisco
Security Advisory has been published to disclose these and other
vulnerabilities that affect the Cisco ASA 5500 Series Adaptive
Security Appliances and the Cisco Catalyst 6500 Series ASA Services

Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Vulnerability

No other Cisco products are currently known to be affected by this
vulnerability. Products confirmed not vulnerable include:

  * Cisco PIX 500 Series Firewall
  * Cisco ASA 5500 Series Adaptive Security Appliance
  * Firewall Services Module (FWSM) for Catalyst 6500 Series Switches
    and 7600 Series Routers
  * Virtual Firewall (VFW) application on the multiservice blade
    (MSB) on the Cisco XR 12000 Series Router
  * Cisco ACE Application Control Engine Module

Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability

| Cisco Application          | CSCtd01480                    |
| Networking Manager         |                               |
|----------------------------+-------------------------------|
| Cisco ASA 5500 Series      | CSCtd00697                    |
| Adaptive Security          |                               |
| Appliances                 |                               |
|----------------------------+-------------------------------|
| Cisco ASA Advanced         |                               |
| Inspection and Prevention  | CSCtd01539                    |
| (AIP) Security Services    |                               |
| Module                     |                               |

NGS00014 Patch Notification: Cisco IPSec VPN Implementation Group Name Enumeration

Cisco IPSec VPN Implementation Group Name Enumeration

01/12/2010

Gavin Jones of NGS Secure has discovered a vulnerability in (Cisco) Cisco VPN Concentrator, Cisco PIX and Cisco Adaptive Security Appliance.

Versions affected include:

-Cisco ASA 5500 Series Adaptive Security Appliances
-Cisco PIX 500 Series Security Appliances

Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

vulnerability. There are no workarounds available that mitigate this
vulnerability. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-fwsm

Note: The Cisco Adaptive Security Appliance (ASA) and the Cisco
Catalyst 6500 ASA Services Module (ASASM) are also affected by this
vulnerability.

A separate Cisco Security Advisory has been published to disclose the
vulnerabilities that affect the ASA and ASASM. That advisory is

Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities

+--------------------------------

The following products are confirmed not vulnerable:

  * Cisco PIX 500 Series Firewall
  * Cisco ASA 5500 Series Adaptive Security Appliance
  * Firewall Services Module (FWSM) for Catalyst 6500 Series Switches
    and 7600 Series Routers
  * Virtual Firewall (VFW) application on the multiservice blade
    (MSB) on the Cisco XR 12000 Series Router
  * Cisco ACE Application Control Engine Module

Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module

normally be permitted. Affected versions include 3.1(6) and prior and
3.2(2) and prior. Version 2.3.x is not affected.

In addition to the FWSM, the crafted MGCP packet vulnerability
also affects the PIX 500 Series Security Appliances and the
Cisco ASA 5500 Series Adaptive Security Appliances. More
information regarding vulnerabilities affecting the PIX
and ASA can be found in the companion advisory located at
http://www.cisco.com/warp/public/707/cisco-sa-20071017-asa.shtml.

To determine if you are running a vulnerable version of FWSM software,

Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

Products Confirmed Not Vulnerable
+--------------------------------

The following products are confirmed not vulnerable:

  * Cisco ASA 5500 Series Adaptive Security Appliances
  * Cisco Catalyst 6500 Series ASA Services Module
  * Cisco Catalyst 6500 Series Firewall Services Module
  * Cisco Fabric Manager
  * Cisco Identity Services Engine
  * Cisco Intercompany Media Engine

RE: Cisco ASA5520 Web VPN Host Header XSS

This is the Cisco PSIRT response to an issue discovered and reported to
Cisco by Bugs NotHugs regarding a cross-site scripting vulnerability in
the Cisco Adaptive Security Appliance (ASA) clientless SSL VPN feature.
Cisco PSIRT greatly appreciates the opportunity to work with researchers
on security vulnerabilities, and welcomes the opportunity to review and
assist in product reports. PSIRT would like to thank Bugs NotHugs for
reporting this issue to us. 

Cisco has release an IntelliShield Alert on this vulnerability, which is
available at:

Cisco Security Advisory: Cisco IOS SSL VPN Vulnerability

Products Confirmed Not Vulnerable
+--------------------------------

The following products are not affected by this vulnerability:

  * Cisco ASA 5500 Series Adaptive Security Appliances
  * Cisco IOS XR Software
  * Cisco IOS XE Software

No other Cisco products are currently known to be affected by this
vulnerability.
Next Page>>

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!