Computer Security
[EN] securityvulns.ru
no-pyccku



Cisco PIX / ASA multiple security vulnerabilities
Published:23.10.2008
Source:BUGTRAQ
SecurityVulns ID:9377
Type:remote
Level:6/10
Description:Windows NT domain authentication bypass, IPv6 DoS, DoS because of memory leak in crypto accelerator
Affected:CISCO : PIX 7.0
 CISCO : PIX 7.1
 CISCO : PIX 7.2
 CISCO : PIX 8.0
 CISCO : PIX 8.1
CVE:CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator.")
 CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.)
 CVE-2008-3815 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.)
Original documentdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA (23.10.2008)
Discuss:Read or add your comments to this news (0 comments)


Show Threads
Messages
 
Login:* (Register)
Password:*
(private) To:
(reply) Subject:*
Text:

Main Forum (Eng)

General security questions not appropriate for another forums.
3proxy Forum (Eng)

All 3proxy question must be posted to this forum.
Bugs, Vulnerabilities, PoCs and Exploits (Eng)

All vulnerability related questions, vulnerability digging and exploit creation.
Windows programming and administration (Eng)

Administering Windows and application development.
Unix programming and administation (Eng)

Administering Unix and application development.
Test forum

Please post all test messages here. All test messages from different forums will be deteted.
Main Forum (Rus)
3proxy Forum (Rus)
Bugs, Vulnerabilities, PoCs and Exploits (Rus)
Windows programming and administration (Rus)
Unix programming and administation (Rus)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru
test server