The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of PIX

vulnerability note CVE-2014-2120

Cisco ASA: Cross Site Scripting of WebVPN Login Page

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in the WebVPN Login Page of Cisco ASA, in order to execute JavaScript code in the context of the web site.
Impacted products: ASA.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 19/03/2014.
Identifiers: CSCun19025, CVE-2014-2120, VIGILANCE-VUL-14444.

Description of the vulnerability

The Cisco ASA product offers a web service.

However, it does not filter received data from the /CSCOE/logon.html page before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in the WebVPN Login Page of Cisco ASA, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2014-0738

Cisco ASA: altering Phone Proxy CTL

Synthesis of the vulnerability

An attacker can traverse the Cisco ASA Phone Proxy, in order to alter the content of the CTL file of a phone, so it trusts the attacker.
Impacted products: ASA.
Severity: 2/4.
Consequences: data creation/edition.
Provenance: intranet client.
Creation date: 21/02/2014.
Identifiers: 32956, BID-65708, CSCuj66770, CVE-2014-0738, VIGILANCE-VUL-14294.

Description of the vulnerability

The Cisco ASA product offers a Phone Proxy. A phone has a CTL (Certificate Trust List).

However, an attacker can traverse the Phone Proxy, to modify the CTL file of a phone.

An attacker can therefore traverse the Cisco ASA Phone Proxy, in order to alter the content of the CTL file of a phone, so it trusts the attacker.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2014-0739

Cisco ASA: traffic passed via Phone Proxy sec_db

Synthesis of the vulnerability

An attacker can pass traffic via the Phone Proxy sec_db of Cisco ASA.
Impacted products: ASA.
Severity: 2/4.
Consequences: data flow.
Provenance: intranet client.
Creation date: 21/02/2014.
Identifiers: 32955, BID-65707, CSCuj66766, CVE-2014-0739, VIGILANCE-VUL-14293.

Description of the vulnerability

The Cisco ASA product offers a Phone Proxy.

However, an attacker can send a special TFTP query for a configuration file, in order to pass traffic from an untrusted phone.

An attacker can therefore pass traffic via the Phone Proxy sec_db of Cisco ASA.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2013-7306 CVE-2013-7307 CVE-2013-7308

OSPF: corrupting the routing database

Synthesis of the vulnerability

An attacker can spoof OSPF messages, in order to corrupt the routing database.
Impacted products: CheckPoint IP Appliance, IPSO, CheckPoint Security Gateway, Cisco ASR, ASA, Cisco Catalyst, IOS by Cisco, IOS XE Cisco, Nexus by Cisco, NX-OS, Cisco Router, ProCurve Switch, HP Switch, Juniper E-Series, Juniper J-Series, JUNOSe, Junos OS, NetScreen Firewall, ScreenOS.
Severity: 3/4.
Consequences: data creation/edition, data deletion.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 9.
Creation date: 28/01/2014.
Identifiers: BID-65140, BID-65157, BID-65161, BID-65162, BID-65163, BID-65166, BID-65167, BID-65169, BID-65170, c03880910, CERTA-2013-AVI-487, cisco-sa-20130801-lsaospf, CSCug34469, CSCug34485, CSCug39762, CSCug39795, CSCug63304, CVE-2013-7306, CVE-2013-7307, CVE-2013-7308, CVE-2013-7309, CVE-2013-7310, CVE-2013-7311, CVE-2013-7312, CVE-2013-7313, CVE-2013-7314, HPSBHF02912, JSA10575, JSA10580, sk94490, VIGILANCE-VUL-14148, VU#229804.

Description of the vulnerability

The RFC 2328 defines the OSPF protocol (Open Shortest Path First) which established IP routes, using LSA (Link State Advertisement) messages.

The LSA Type 1 Update (LSU, Link-State Update) message is used to update the routing database. However, the RFC does not request to check the "Link State ID" and "Advertising Router" fields of LSU messages. Several implementations do not check for duplicates before editing their databases.

An attacker can therefore spoof OSPF messages, in order to corrupt the routing database.

This vulnerability is similar to VIGILANCE-VUL-13192.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-0655

Cisco ASA: modify the user cache of IDFW

Synthesis of the vulnerability

An attacker can send a RADIUS CoA (Change of Authorization) message to IDFW of Cisco ASA, in order to modify the user cache of IDFW.
Impacted products: ASA.
Severity: 2/4.
Consequences: user access/rights, denial of service on service.
Provenance: intranet client.
Creation date: 08/01/2014.
Identifiers: BID-64700, CSCuj45332, CVE-2014-0655, VIGILANCE-VUL-14036.

Description of the vulnerability

An attacker can send a RADIUS CoA (Change of Authorization) message to IDFW of Cisco ASA, in order to modify the user cache of IDFW.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2014-0653

Cisco ASA: denial of service via NetBIOS Logout Probe

Synthesis of the vulnerability

An attacker can send a malicious NetBIOS Logout Probe reply to Cisco ASA, in order to trigger a denial of service on the currently authorized user.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: intranet client.
Creation date: 08/01/2014.
Identifiers: BID-64708, CSCuj45340, CVE-2014-0653, VIGILANCE-VUL-14035.

Description of the vulnerability

The NetBIOS Logout Probe feature can be enabled on IDFW (Identity Firewall) of Cisco ASA.

An attacker can send a malicious NetBIOS Logout Probe reply to Cisco ASA, in order to trigger a denial of service on the currently authorized user.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2013-6707

Cisco ASA: memory leak via Management

Synthesis of the vulnerability

An unauthenticated attacker can create a memory leak in the Management sessions (SSH, Telnet, HTTP and HTTPS) of Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 06/12/2013.
Identifiers: BID-64148, CSCug33233, CVE-2013-6707, VIGILANCE-VUL-13886.

Description of the vulnerability

An unauthenticated attacker can create a memory leak in the Management sessions (SSH, Telnet, HTTP and HTTPS) of Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2013-6696

Cisco ASA: denial of service via DNS Reply

Synthesis of the vulnerability

An attacker can send malformed DNS replies to Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet server.
Creation date: 02/12/2013.
Identifiers: BID-64037, CSCuj28861, CVE-2013-6696, VIGILANCE-VUL-13851.

Description of the vulnerability

An attacker can send malformed DNS replies to Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2013-5560

Cisco ASA: denial of service via IPv6 NAT

Synthesis of the vulnerability

An attacker can send an IPv6 packet, which is translated on Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: internet client.
Creation date: 12/11/2013.
Identifiers: BID-63650, CSCue34342, CVE-2013-5560, VIGILANCE-VUL-13738.

Description of the vulnerability

An attacker can send an IPv6 packet, which is translated on Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2013-5568

Cisco ASA: denial of service via Auto-Update

Synthesis of the vulnerability

An attacker can provide malicious Auto-Update data, to reload Cisco ASA, in order to trigger a denial of service.
Impacted products: ASA.
Severity: 2/4.
Consequences: denial of service on server.
Provenance: document.
Creation date: 12/11/2013.
Identifiers: BID-63628, CSCui33308, CVE-2013-5568, VIGILANCE-VUL-13737.

Description of the vulnerability

An attacker can provide malicious Auto-Update data, to reload Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about PIX: