VYPR

Pix Firewall Software

by Cisco Systems, Inc.

CVEs (48)

  • CVE-2002-2139Dec 31, 2002
    risk 0.00cvss epss 0.01

    Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.

  • CVE-2002-2140Dec 31, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.

  • CVE-2002-1024Oct 4, 2002
    risk 0.00cvss epss 0.03

    Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

  • CVE-2002-0954Oct 4, 2002
    risk 0.00cvss epss 0.01

    The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques.

  • CVE-2000-0150Feb 12, 2000
    risk 0.00cvss epss 0.02

    Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.

  • CVE-1999-0158Aug 31, 1998
    risk 0.00cvss epss 0.01

    Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.

  • CVE-1999-0157Aug 18, 1998
    risk 0.00cvss epss 0.01

    Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.

  • CVE-1999-1582Jul 15, 1998
    risk 0.00cvss epss 0.02

    By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if…

Page 3 of 3