Cisco Adaptive Security Appliance Software vulnerabilities

CVE-2012-4663 [HIGH] CWE-119 CVE-2012-4663: The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and th The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 760

CVE-2012-4662 [HIGH] CWE-119 CVE-2012-4662: The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and th The DCERPC inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.13) and the Firewall Services Module (FWSM) 4.1 before 4.1(7) in Cisco Catalyst 6500 series switches and 760

CVE-2012-4643 [HIGH] CWE-399 CVE-2012-4643: The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Service The DHCP server on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 before 7.2(5.8), 7.1 before 7.2(5.8), 7.2 before 7.2(5.8), 8.0 before 8.0(5.28), 8.1 before 8.1(2.56), 8.2 before 8.2(5.27), 8.3 before 8.3(2.31), 8.4 before 8.4(3.10), 8.5 before 8

CVE-2012-4660 [HIGH] CWE-119 CVE-2012-4660: The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the A The SIP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.17), 8.3 before 8.3(2.28), 8.4 before 8.4(2.13), 8.5 before 8.5(1.4), and 8.6 before 8.6(1.5) allows remote attackers to cause a denial of service (device rel

CVE-2012-2472 [HIGH] CWE-399 CVE-2012-2472: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 and 8.4, when SIP ins Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 and 8.4, when SIP inspection is enabled, create many identical pre-allocated secondary pinholes, which might allow remote attackers to cause a denial of service (CPU consumption) via crafted SIP traffic, aka Bug ID CSCtz63143.

CVE-2012-2474 [MEDIUM] CWE-200 CVE-2012-2474: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 throug Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank response page) by using the clientless WebVPN feature, aka Bug ID CSCth34278.

CVE-2012-3058 [HIGH] CVE-2012-3058: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(4.1), 8.5 before 8.5(1.11), and 8.6 before 8.6(1.3) allow remote attackers to cause a denial of service (device reload) via IPv6 transit traffic that triggers syslog message 110003, aka Bug ID CSCu

CVE-2012-0378 [HIGH] CWE-189 CVE-2012-0378: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow rem Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service (connection limit exceeded) by triggering a large number of stale connections that result in an incorrect value for an MPF connection count, aka Bug ID CSCtv19854.

CVE-2011-4006 [HIGH] CWE-20 CVE-2011-4006: The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with so The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.5 allows remote attackers to cause a denial of service (CPU consumption) via an unspecified closing sequence, aka Bug ID CSCtt32565.

CVE-2012-0335 [MEDIUM] CWE-287 CVE-2012-0335: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not pr Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 through 8.4 do not properly perform proxy authentication during attempts to cut through a firewall, which allows remote attackers to obtain sensitive information via a connection attempt, aka Bug ID CSCtx42746.

CVE-2011-3309 [MEDIUM] CWE-200 CVE-2011-3309: Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process I Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, aka Bug ID CSCtt07749.

CVE-2011-3285 [MEDIUM] CWE-20 CVE-2011-3285: CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101.

CVE-2012-0358 [CRITICAL] CWE-119 CVE-2012-0358: Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through th Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8

CVE-2012-0356 [HIGH] CWE-20 CVE-2012-0356: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM)

CVE-2012-0353 [HIGH] CWE-20 CVE-2012-0353: The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the A The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows

CVE-2012-0354 [HIGH] CWE-20 CVE-2012-0354: The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and th The Threat Detection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 through 8.2 before 8.2(5.20), 8.3 before 8.3(2.29), 8.4 before 8.4(3), 8.5 before 8.5(1.6), and 8.6 before 8.6(1.1) allows remote attackers to cause a denial of service

CVE-2012-0355 [HIGH] CWE-20 CVE-2012-0355: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634.

CVE-2011-2060 [MEDIUM] CWE-399 CVE-2011-2060: The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted descript

CVE-2011-3301 [HIGH] CWE-399 CVE-2011-3301: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.0 before 7.0(8.13), 7.1 and 7.2 before 7.2(5.4), 8.0 before 8.0(5.25), 8.1 and 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2.6), and 8.5 before 8.5(1.1) and Cisco Firewall Services Module (aka FW

CVE-2011-3304 [HIGH] CWE-399 CVE-2011-3304: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco C Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services module in Cisco Catalyst 6500 series devices, with software 7.2 before 7.2(5.3), 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.11), 8.3 before 8.3(2.23), 8.4 before 8.4(2), and 8.5 before 8.5(1.1) allow remote attackers to cause a denial of service (device