Summary
Detail | |||
---|---|---|---|
Vendor | Cisco | First view | 2004-01-05 |
Product | Firewall Services Module | Last view | 2013-04-24 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5 | 2013-04-24 | CVE-2013-1195 | The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass intended access restrictions by sending network traffic during denied time periods, aka Bug IDs CSCuf79091 and CSCug45850. |
5 | 2013-04-16 | CVE-2013-1193 | The Secure Shell (SSH) implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly terminate sessions, which allows remote attackers to cause a denial of service (SSH service outage) by repeatedly establishing SSH connections, aka Bug IDs CSCue63881, CSCuf51892, CSCue78671, and CSCug26937. |
7.8 | 2012-03-14 | CVE-2012-0356 | Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367. |
7.8 | 2011-02-25 | CVE-2011-0394 | Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952. |
7.1 | 2010-08-09 | CVE-2010-2821 | Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(17.2), 4.0 before 4.0(11.1), and 4.1 before 4.1(1.2) for Catalyst 6500 series switches and 7600 series routers, when multi-mode is enabled, allows remote attackers to cause a denial of service (device reload) via crafted (1) Telnet, (2) SSH, or (3) ASDM traffic over TCP, aka Bug ID CSCtg68694. |
7.8 | 2010-08-09 | CVE-2010-2820 | Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61662. |
7.8 | 2010-08-09 | CVE-2010-2819 | Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61622. |
7.8 | 2010-08-09 | CVE-2010-2818 | Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61710. |
7.8 | 2010-02-19 | CVE-2010-0151 | The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message. |
7.8 | 2009-08-21 | CVE-2009-0638 | The Cisco Firewall Services Module (FWSM) 2.x, 3.1 before 3.1(16), 3.2 before 3.2(13), and 4.0 before 4.0(6) for Cisco Catalyst 6500 switches and Cisco 7600 routers allows remote attackers to cause a denial of service (traffic-handling outage) via a series of malformed ICMP messages. |
7.8 | 2007-12-19 | CVE-2007-5584 | Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) allows remote attackers to cause a denial of service (device reload) via crafted "data in the control-plane path with Layer 7 Application Inspections." |
6.8 | 2007-10-18 | CVE-2007-5571 | Cisco Firewall Services Module (FWSM) 3.1(6), and 3.2(2) and earlier, does not properly enforce edited ACLs, which might allow remote attackers to bypass intended restrictions on network traffic, aka CSCsj52536. |
7.8 | 2007-10-18 | CVE-2007-5570 | Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier, allows remote attackers to cause a denial of service (device reload) via a crafted HTTPS request, aka CSCsi77844. |
7.1 | 2007-10-18 | CVE-2007-5568 | Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM). |
9 | 2007-02-15 | CVE-2007-0968 | Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections. |
7.8 | 2007-02-15 | CVE-2007-0967 | Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.1) allows remote attackers to cause a denial of service (device reboot) via malformed SNMP requests. |
7.8 | 2007-02-15 | CVE-2007-0966 | Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.11), when the HTTPS server is enabled, allows remote attackers to cause a denial of service (device reboot) via certain HTTPS traffic. |
7.8 | 2007-02-15 | CVE-2007-0965 | Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request. |
5.4 | 2007-02-15 | CVE-2007-0964 | Cisco FWSM 3.x before 3.1(3.18), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a malformed HTTPS request. |
7.8 | 2007-02-15 | CVE-2007-0963 | Unspecified vulnerability in Cisco Firewall Services Module (FWSM) 3.x before 3.1(3.3), when set to log at the "debug" level, allows remote attackers to cause a denial of service (device reboot) by sending packets that are not of a particular protocol such as TCP or UDP, which triggers the reboot during generation of Syslog message 710006. |
7.8 | 2007-02-15 | CVE-2007-0962 | Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic. |
7.5 | 2006-05-09 | CVE-2006-0515 | Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. |
5 | 2005-11-18 | CVE-2005-3669 | Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. |
7.5 | 2005-05-11 | CVE-2005-1517 | Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 and earlier, when using URL, FTP, or HTTPS filtering exceptions, allows certain TCP packets to bypass access control lists (ACLs). |
5 | 2004-11-23 | CVE-2004-0112 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
44% (4) | CWE-20 | Improper Input Validation |
22% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
11% (1) | CWE-476 | NULL Pointer Dereference |
11% (1) | CWE-399 | Resource Management Errors |
11% (1) | CWE-125 | Out-of-bounds Read |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-56 | Removing/short-circuiting 'guard logic' |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:9779 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to... |
oval:org.mitre.oval:def:975 | Red Hat OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:870 | Red Hat Enterprise 3 OpenSSL do_change_cipher_spec Function Denial of Service |
oval:org.mitre.oval:def:5770 | Multiple Vendor OpenSSL 0.9.6x, 0.9.7x Null-Pointer DoS Vulnerability |
oval:org.mitre.oval:def:2621 | OpenSSL Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:902 | Red Hat OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:871 | Red Hat Enterprise 3 OpenSSL Improper Unknown Message Handling Vulnerability |
oval:org.mitre.oval:def:11755 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, w... |
oval:org.mitre.oval:def:9580 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when usin... |
oval:org.mitre.oval:def:928 | Red Hat Enterprise 3 OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:1049 | Red Hat OpenSSL Kerberos Handshake Vulnerability |
oval:org.mitre.oval:def:5226 | Cisco Systems Malformed IPSec IKE DoS Vulnerability |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
72582 | Cisco Multiple Products Malformed Skinny Client Control Protocol (SCCP) Messa... |
66969 | Cisco Firewall Services Module (FWSM) Multi-mode Unspecified Remote DoS |
66968 | Cisco Firewall Services Module (FWSM) SunRPC Inspection Feature Crafted SunRP... |
66967 | Cisco Firewall Services Module (FWSM) SunRPC Inspection Feature Crafted SunRP... |
66966 | Cisco Firewall Services Module (FWSM) SunRPC Inspection Feature Crafted SunRP... |
62432 | Cisco Multiple Products SCCP Inspection Malformed Skinny Control Message Hand... |
60990 | Cisco Multiple Products ISAKMP Protocol Unspecified Malformed Input Remote Do... |
57257 | Cisco Firewall Services Module (FWSM) Malformed ICMP Packet Handling Remote DoS |
39298 | Cisco Firewall Services Module (FWSM) Unspecified Remote DoS |
37946 | Cisco Firewall Services Module (FWSM) ACL Manipulation Unspecified Corruption |
37945 | Cisco Firewall Services Module (FWSM) Crafted MGCP Packet Inspection DoS |
37944 | Cisco Firewall Services Module (FWSM) Crafted HTTPS Request Remote DoS |
37943 | Cisco PIX / ASA Media Gateway Control Protocol (MGCP) Handling Remote DoS |
33061 | Cisco Firewall Services Module (FWSM) ACE Evaluation ACL Bypass |
33060 | Cisco Firewall Services Module (FWSM) Malformed SNMP Request Remote DoS |
33059 | Cisco Firewall Services Module (FWSM) Crafted HTTPS Traffic DoS |
33058 | Cisco Firewall Services Module (FWSM) aaa Authentication HTTP Request Overflo... |
33057 | Cisco Firewall Services Module (FWSM) aaa Authentication Malformed HTTPS Requ... |
33056 | Cisco Firewall Services Module (FWSM) Crafted Traffic Syslog Message 710006 DoS |
33055 | Cisco PIX / ASA inspect http Malformed HTTP Traffic DoS |
25453 | Cisco PIX/ASA/FWSM WebSense URL Filter Bypass |
16423 | Cisco Firewall Services Module (FWSM) TCP Packet access-list Bypass |
8897 | Cisco Firewall Services Module (FWSM) HTTP Auth Request DoS |
4318 | OpenSSL TLS Infinite Loop DoS |
4317 | OpenSSL SSL/TLS Handshake Null Pointer DoS |
OpenVAS Exploits
id | Description |
---|---|
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-05-05 | Name : HP-UX Update for AAA Server HPSBUX01011 File : nvt/gb_hp_ux_HPSBUX01011.nasl |
2009-05-05 | Name : HP-UX Update for Apache HPSBUX01019 File : nvt/gb_hp_ux_HPSBUX01019.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200403-03 (OpenSSL) File : nvt/glsa_200403_03.nasl |
2008-09-04 | Name : FreeBSD Ports: openssl, openssl-beta File : nvt/freebsd_openssl.nasl |
2008-09-04 | Name : FreeBSD Security Advisory (FreeBSD-SA-04:05.openssl.asc) File : nvt/freebsdsa_openssl1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 465-1 (openssl,openssl094,openssl095) File : nvt/deb_465_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2004-077-01 OpenSSL security update File : nvt/esoft_slk_ssa_2004_077_01.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2009-B-0040 | Cisco Firewall Services Module Denial of Service Vulnerability Severity: Category I - VMSKEY: V0019892 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-08-10 | Cisco ASA malformed SCCP packet denial of service attempt RuleID : 43525 - Type : SERVER-OTHER - Revision : 2 |
2014-01-10 | Microsoft Windows Authenticode signature verification bypass attempt RuleID : 26601 - Type : FILE-EXECUTABLE - Revision : 4 |
2014-01-10 | Microsoft Windows Authenticode signature verification bypass attempt RuleID : 26590 - Type : FILE-EXECUTABLE - Revision : 5 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2013-09-17 | Name: The remote device is missing a vendor-supplied security update. File: cisco-sa-20090819-fwsm.nasl - Type: ACT_GATHER_INFO |
2012-04-23 | Name: The remote security device is missing a vendor-supplied security patch. File: cisco-sa-20120314-asa.nasl - Type: ACT_GATHER_INFO |
2012-01-04 | Name: The remote server is vulnerable to a denial of service attack. File: openssl_0_9_6m_0_9_7d.nasl - Type: ACT_GATHER_INFO |
2011-03-09 | Name: The remote security device is missing a vendor-supplied security patch. File: cisco-sa-20110223-asa.nasl - Type: ACT_GATHER_INFO |
2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20051114-ipsec.nasl - Type: ACT_GATHER_INFO |
2009-04-23 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_68233cba777411d889ed0020ed76ef5a.nasl - Type: ACT_GATHER_INFO |
2006-07-03 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2005-830.nasl - Type: ACT_GATHER_INFO |
2006-01-25 | Name: The remote router can be crashed remotely. File: CSCed94829.nasl - Type: ACT_GATHER_INFO |
2005-11-04 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2005-830.nasl - Type: ACT_GATHER_INFO |
2005-11-04 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2005-829.nasl - Type: ACT_GATHER_INFO |
2005-11-02 | Name: The remote Fedora Core host is missing a security update. File: fedora_2005-1042.nasl - Type: ACT_GATHER_INFO |
2005-08-18 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2005-007.nasl - Type: ACT_GATHER_INFO |
2005-07-13 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2004-077-01.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30644.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30650.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30649.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30648.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30646.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30643.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30642.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30641.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30640.nasl - Type: ACT_GATHER_INFO |
2005-03-18 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30645.nasl - Type: ACT_GATHER_INFO |
2005-02-16 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30647.nasl - Type: ACT_GATHER_INFO |
2005-02-16 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_30639.nasl - Type: ACT_GATHER_INFO |