Computer Security
[EN] securityvulns.ru no-pyccku


Cisco PIX / ASA multiple security vulnerabilities
Published:23.10.2008
Source:
SecurityVulns ID:9377
Type:remote
Threat Level:
6/10
Description:Windows NT domain authentication bypass, IPv6 DoS, DoS because of memory leak in crypto accelerator
Affected:CISCO : PIX 7.0
 CISCO : PIX 7.1
 CISCO : PIX 7.2
 CISCO : PIX 8.0
 CISCO : PIX 8.1
CVE:CVE-2008-3817 (Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator.")
 CVE-2008-3816 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.)
 CVE-2008-3815 (Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors.)
Original documentdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA (23.10.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod