Summary
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2011-10-06 |
| Product | Firewall Services Module Software | Last view | 2014-02-22 |
| Version | 4.0(4) | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:cisco:firewall_services_module_software | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.1 | 2014-02-22 | CVE-2014-0710 | Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic, aka Bug ID CSCuj16824. |
| 6.6 | 2013-10-13 | CVE-2013-5506 | The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4.1(13), when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080. |
| 7.8 | 2013-04-11 | CVE-2013-1155 | The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624. |
| 7.8 | 2012-03-14 | CVE-2012-0356 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367. |
| 7.8 | 2011-10-06 | CVE-2011-3303 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.6), 8.3 before 8.3(2.23), 8.4 before 8.4(2.7), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via malformed ILS traffic, aka Bug IDs CSCtq57697 and CSCtq57802. |
| 7.8 | 2011-10-06 | CVE-2011-3302 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92398 and CSCtq09989. |
| 7.8 | 2011-10-06 | CVE-2011-3301 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06062 and CSCtq09986. |
| 7.8 | 2011-10-06 | CVE-2011-3300 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCtq06065 and CSCtq09978. |
| 7.8 | 2011-10-06 | CVE-2011-3299 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to cause a denial of service (device reload) via crafted SunRPC traffic, aka Bug IDs CSCto92380 and CSCtq09972. |
| 7.9 | 2011-10-06 | CVE-2011-3298 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.3), 8.0 before 8.0(5.24), 8.1 before 8.1(2.50), 8.2 before 8.2(5), 8.3 before 8.3(2.18), 8.4 before 8.4(1.10), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7) allow remote attackers to bypass authentication via a crafted TACACS+ reply, aka Bug IDs CSCto40365 and CSCto74274. |
| 7.8 | 2011-10-06 | CVE-2011-3297 | Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when certain authentication configurations are used, allows remote attackers to cause a denial of service (module crash) by making many authentication requests for network access, aka Bug ID CSCtn15697. |
| 7.8 | 2011-10-06 | CVE-2011-3296 | Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(21), 3.2 before 3.2(22), 4.0 before 4.0(16), and 4.1 before 4.1(7), when IPv6 is used, allows remote attackers to cause a denial of service (memory corruption and module crash or hang) via vectors that trigger syslog message 302015, aka Bug ID CSCti83875. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (6) | CWE-399 | Resource Management Errors |
| 25% (3) | CWE-287 | Improper Authentication |
| 8% (1) | CWE-362 | Race Condition |
| 8% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 8% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 76090 | Cisco Multiple Product ILS Message Packet Parsing Remote DoS |
| 76089 | Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3302) |
| 76088 | Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3301) |
| 76087 | Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3300) |
| 76086 | Cisco Multiple Product SunRPC Message Packet Parsing Remote DoS (2011-3299) |
| 76085 | Cisco Multiple Product TACACS+ Reply Parsing Authentication Bypass |
| 76084 | Cisco Firewall Services Module (FWSM) Authentication Request Saturation Remot... |
| 76083 | Cisco Firewall Services Module (FWSM) IPv6 Syslog Message 302015 Log Generati... |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-A-0031 | Cisco Firewall Services Module (FWSM) Denial of Service Vulnerability Severity: Category I - VMSKEY: V0044549 |
| 2013-A-0193 | Multiple Vulnerabilities in Cisco Firewall Services Module (FWSM) Severity: Category I - VMSKEY: V0040790 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-02-24 | Name: The remote device is missing a vendor-supplied security update. File: cisco-sa-20140219-fwsm.nasl - Type: ACT_GATHER_INFO |
| 2013-10-18 | Name: The remote device is missing a vendor-supplied security update. File: cisco-sa-20131009-fwsm.nasl - Type: ACT_GATHER_INFO |
| 2013-09-17 | Name: The remote device is missing a vendor-supplied security update. File: cisco-sa-20130410-fwsm.nasl - Type: ACT_GATHER_INFO |
| 2012-04-23 | Name: The remote security device is missing a vendor-supplied security patch. File: cisco-sa-20120314-asa.nasl - Type: ACT_GATHER_INFO |
| 2011-10-25 | Name: The remote security device is missing a vendor-supplied security patch. File: cisco-sa-20111005-asa.nasl - Type: ACT_GATHER_INFO |
