Cisco

Pix Firewall Software

24 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2005-3669

  • EPSS 9.46%
  • Published 18.11.2005 21:03:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the...

5

CVE-2004-0112

  • EPSS 0.67%
  • Published 23.11.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a ...

5

CVE-2004-0081

  • EPSS 2.27%
  • Published 23.11.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

7.5

CVE-2004-0079

  • EPSS 2.06%
  • Published 23.11.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

5

CVE-2003-1004

  • EPSS 0.66%
  • Published 05.01.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.

7.8

CVE-2003-1003

  • EPSS 0.59%
  • Published 05.01.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.

7.5

CVE-2003-1109

Exploit
  • EPSS 18.23%
  • Published 31.12.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly e...

5

CVE-2003-0851

  • EPSS 7.2%
  • Published 01.12.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

5

CVE-2002-2140

  • EPSS 1.12%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.

6.4

CVE-2002-2139

  • EPSS 0.34%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.