Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-4194 | 1 Cisco | 8 Pix Firewall 501, Pix Firewall 506, Pix Firewall 515 and 5 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| ** DISPUTED ** Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue. | |||||
| CVE-2005-4499 | 1 Cisco | 21 Adaptive Security Appliance Software, Pix Asa Ids, Pix Firewall and 18 more | 2025-04-03 | 7.5 HIGH | N/A |
| The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. | |||||
| CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | |||||
| CVE-2003-1003 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2025-04-03 | 7.8 HIGH | N/A |
| Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | |||||
| CVE-2000-1022 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 7.5 HIGH | N/A |
| The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands. | |||||
| CVE-2002-1024 | 1 Cisco | 4 Catos, Css11000 Content Services Switch, Ios and 1 more | 2025-04-03 | 7.1 HIGH | N/A |
| Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). | |||||
| CVE-2006-0515 | 1 Cisco | 4 Adaptive Security Appliance Software, Firewall Services Module, Pix Firewall and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
| Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. | |||||
| CVE-2000-1027 | 1 Cisco | 1 Pix Firewall Software | 2025-04-03 | 5.0 MEDIUM | N/A |
| Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. | |||||