Filtered by vendor Cisco Subscriptions
Filtered by product Pix Firewall Software Subscriptions
Total 28 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-1999-0157 1 Cisco 2 Ios, Pix Firewall Software 2025-04-03 N/A
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
CVE-2004-0112 24 4d, Apple, Avaya and 21 more 65 Webstar, Mac Os X, Mac Os X Server and 62 more 2025-04-03 N/A
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVE-2000-1022 1 Cisco 1 Pix Firewall Software 2025-04-03 N/A
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
CVE-2002-2139 1 Cisco 1 Pix Firewall Software 2025-04-03 N/A
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
CVE-2002-2140 1 Cisco 1 Pix Firewall Software 2025-04-03 N/A
Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.
CVE-2006-3906 1 Cisco 21 Adaptive Security Appliance Software, Ios, Pix Asa Ids and 18 more 2025-04-03 N/A
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
CVE-2006-4194 1 Cisco 8 Pix Firewall 501, Pix Firewall 506, Pix Firewall 515 and 5 more 2025-04-03 N/A
Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue
CVE-2002-1024 1 Cisco 4 Catos, Css11000 Content Services Switch, Ios and 1 more 2025-04-03 N/A
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).