Vulnerabilities > Cisco > PIX Security Appliance

DATE CVE VULNERABILITY TITLE RISK
2011-01-07 CVE-2010-4670 Resource Management Errors vulnerability in Cisco products
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier, and Cisco PIX Security Appliances devices, allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti24526.
network
low complexity
cisco CWE-399
7.8
2008-10-23 CVE-2008-3817 Resource Management Errors vulnerability in Cisco products
Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator."
network
low complexity
cisco CWE-399
7.8
2008-10-23 CVE-2008-3816 Denial of Service vulnerability in Cisco products
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
network
low complexity
cisco
7.8
2008-06-04 CVE-2008-2059 Permissions, Privileges, and Access Controls vulnerability in Cisco products
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors.
network
low complexity
cisco CWE-264
7.8
2008-06-04 CVE-2008-2058 Resource Management Errors vulnerability in Cisco products
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device.
network
low complexity
cisco CWE-399
7.8
2008-06-04 CVE-2008-2057 Unspecified vulnerability in Cisco products
The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.
network
high complexity
cisco
5.4
2008-06-04 CVE-2008-2056 Improper Input Validation vulnerability in Cisco products
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
network
low complexity
cisco CWE-20
7.8
2008-06-04 CVE-2008-2055 Improper Input Validation vulnerability in Cisco products
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.
network
low complexity
cisco CWE-20
7.8