Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances

cisco-sa-20090408-asa · High · Published · Updated

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. This security advisory outlines the details of these vulnerabilities: VPN Authentication Bypass when Account Override Feature is Used vulnerability Crafted HTTP packet denial of service (DoS) vulnerability Crafted TCP Packet DoS vulnerability Crafted H.323 packet DoS vulnerability SQL*Net packet DoS vulnerability Access control list (ACL) bypass vulnerability Workarounds are available for some of the vulnerabilities. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090408-asa.

Cisco advisory · CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2009-1155, CVE-2009-1156, CVE-2009-1157, CVE-2009-1158, CVE-2009-1159, CVE-2009-1160
Cisco Bug IDsNA
CVSS ScoreBase 7.8
Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N/E:H/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Base 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco PIX Security Appliance Software, Cisco Adaptive Security Appliance (ASA) Software 7.0.1, Cisco Adaptive Security Appliance (ASA) Software 7.0.1.4, Cisco Adaptive Security Appliance (ASA) Software 7.0.4, Cisco Adaptive Security Appliance (ASA) Software 7.0.4.2, Cisco Adaptive Security Appliance (ASA) Software 7.0.2, Cisco Adaptive Security Appliance (ASA) Software 7.0.3, Cisco Adaptive Security Appliance (ASA) Software 7.0.7.1, Cisco Adaptive Security Appliance (ASA) Software 7.0.8, Cisco Adaptive Security Appliance (ASA) Software 7.0.7, Cisco Adaptive Security Appliance (ASA) Software 7.0.6, Cisco Adaptive Security Appliance (ASA) Software 7.0.5, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.61, Cisco Adaptive Security Appliance (ASA) Software 7.1.2, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.81, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.34, Cisco Adaptive Security Appliance (ASA) Software 7.2.3.1, Cisco Adaptive Security Appliance (ASA) Software 7.2.2, Cisco Adaptive Security Appliance (ASA) Software 7.2.4, Cisco Adaptive Security Appliance (ASA) Software 7.2.3, Cisco Adaptive Security Appliance (ASA) Software 7.2.1, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.27, Cisco Adaptive Security Appliance (ASA) Software 8.0.2.11, Cisco Adaptive Security Appliance (ASA) Software 8.0.4, Cisco Adaptive Security Appliance (ASA) Software 8.0.3, Cisco Adaptive Security Appliance (ASA) Software 8.0.2, Cisco Adaptive Security Appliance (ASA) Software 8.0.1.2, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.25, Cisco Adaptive Security Appliance (ASA) Software 8.1.1, Cisco Adaptive Security Appliance (ASA) Software 8.1.2, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.15, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.16, Cisco Adaptive Security Appliance (ASA) Software

Related Products

Product CVE Evidence
Cisco PIX Security Appliance Software CVE-2009-1160 Cisco OpenVuln
Cisco PIX Security Appliance Software CVE-2009-1159 Cisco OpenVuln
Cisco PIX Security Appliance Software CVE-2009-1158 Cisco OpenVuln
Cisco PIX Security Appliance Software CVE-2009-1157 Cisco OpenVuln
Cisco PIX Security Appliance Software CVE-2009-1156 Cisco OpenVuln
Cisco PIX Security Appliance Software CVE-2009-1155 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2009-1160 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2009-1159 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2009-1158 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2009-1157 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2009-1156 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2009-1155 Cisco OpenVuln