Executive Summary
Summary | |
---|---|
Title | Multiple Vulnerabilities in Cisco PIX and Cisco ASA |
Information | |||
---|---|---|---|
Name | cisco-sa-20081022-asa | First vendor Publication | 2008-09-22 |
Vendor | Cisco | Last vendor Modification | 2008-10-22 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. This security advisory outlines details of these vulnerabilities:
* Windows NT Domain Authentication Bypass Vulnerability
Note: These vulnerabilities are independent of each other. A device may be affected by one vulnerability and not affected by another.
Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available.
Original Source
Url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a1 (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-287 | Improper Authentication |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5499 | |||
Oval ID: | oval:org.mitre.oval:def:5499 | ||
Title: | Cisco PIX and ASA IPv6 Denial of Service Vulnerability | ||
Description: | Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. | ||
Family: | pixos | Class: | vulnerability |
Reference(s): | CVE-2008-3816 | Version: | 1 |
Platform(s): | Cisco PIX | Product(s): | |
Definition Id: oval:org.mitre.oval:def:5597 | |||
Oval ID: | oval:org.mitre.oval:def:5597 | ||
Title: | Cisco ASA and PIX Crypto Accelerator Memory Leak Vulnerability | ||
Description: | Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator." | ||
Family: | pixos | Class: | vulnerability |
Reference(s): | CVE-2008-3817 | Version: | 1 |
Platform(s): | Cisco PIX | Product(s): | |
Definition Id: oval:org.mitre.oval:def:5983 | |||
Oval ID: | oval:org.mitre.oval:def:5983 | ||
Title: | Cisco PIX and ASA Windows NT Domain Authentication Bypass Vulnerability | ||
Description: | Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors. | ||
Family: | pixos | Class: | vulnerability |
Reference(s): | CVE-2008-3815 | Version: | 1 |
Platform(s): | Cisco PIX | Product(s): | |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Hardware | 1 | |
Hardware | 1 | |
Hardware | 5 | |
Hardware | 4 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
49365 | Cisco PIX / ASA Crafted IPv6 Packet Handling Remote Device Reload DoS |
49364 | Cisco PIX / ASA Microsoft Windows NT VPN Domain Authentication Bypass |
49363 | Cisco PIX / ASA Hardware Crypto Accelerator Remote Memory Leak DoS |