Vulnerabilities > Cisco > PIX Firewall
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-08-18 | CVE-2016-6366 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Buffer overflow in Cisco Adaptive Security Appliance (ASA) Software through 9.4.2.3 on ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM devices allows remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets, aka Bug ID CSCva92151 or EXTRABACON. | 8.8 |
| 2004-11-23 | CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | 5.0 |
| 2004-11-23 | CVE-2004-0079 | NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | 7.5 |
| 2004-01-05 | CVE-2003-1004 | Denial-Of-Service vulnerability in Cisco PIX Firewall and PIX Firewall Software Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall. | 5.0 |
| 2004-01-05 | CVE-2003-1003 | Improper Input Validation vulnerability in Cisco PIX Firewall and PIX Firewall Software Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | 7.8 |
| 2003-12-01 | CVE-2003-0851 | Remote Denial Of Service vulnerability in OpenSSL ASN.1 Large Recursion OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | 5.0 |
| 2002-10-04 | CVE-2002-0954 | Remote Security vulnerability in PIX Firewall The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | 7.5 |
| 1998-07-15 | CVE-1999-1582 | Unspecified vulnerability in Cisco PIX Firewall By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality. | 7.5 |