The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of PIX

security threat CVE-2014-3264

Cisco ASA: denial of service via RADIUS

Synthesis of the vulnerability

An attacker can send a malicious RADIUS packet to Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 20/05/2014.
Identifiers: CSCun69561, CVE-2014-3264, VIGILANCE-VUL-14773.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can send a malicious RADIUS packet to Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2014-2181

Cisco ASA: information disclosure via HTTP Server

Synthesis of the vulnerability

An attacker can connect to the HTTP server of Cisco ASA, in order to read files, to obtain sensitive information.
Severity: 2/4.
Creation date: 06/05/2014.
Identifiers: CSCun78551, CVE-2014-2181, VIGILANCE-VUL-14704.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can connect to the HTTP server of Cisco ASA, in order to read files, to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2014-2182

Cisco ASA: denial of service via DHCPv6

Synthesis of the vulnerability

An attacker can send a special DHCPv6 packet to Cisco ASA with DHCPv6 Replay enabled, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 29/04/2014.
Identifiers: CSCun45520, CVE-2014-2182, VIGILANCE-VUL-14677.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can send a special DHCPv6 packet to Cisco ASA with DHCPv6 Replay enabled, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

cybersecurity vulnerability CVE-2014-2154

Cisco ASA: memory leak via SIP

Synthesis of the vulnerability

An attacker can create a memory leak via SIP in Cisco ASA, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 23/04/2014.
Identifiers: CSCuf67469, CVE-2014-2154, VIGILANCE-VUL-14631.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Cisco ASA product inspects SIP (Session Initiation Protocol) packets.

However, the memory allocated to process some malformed SIP packets is never freed.

An attacker can therefore create a memory leak via SIP in Cisco ASA, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

weakness note CVE-2014-2126 CVE-2014-2127 CVE-2014-2128

Cisco ASA: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Cisco ASA.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 10/04/2014.
Identifiers: CERTFR-2014-AVI-168, cisco-sa-20140409-asa, CSCua85555, CSCuh44052, CSCuj33496, CSCul70099, CVE-2014-2126, CVE-2014-2127, CVE-2014-2128, CVE-2014-2129, VIGILANCE-VUL-14573.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Cisco ASA.

An authenticated attacker can use Cisco ASDM, in order to escalate his privileges. [severity:3/4; CSCuj33496, CVE-2014-2126]

An authenticated attacker can use a feature of the Clientless SSL VPN, in order to escalate his privileges. [severity:3/4; CSCul70099, CVE-2014-2127]

An attacker can define a cookie to access to the SSL VPN web portal, in order to start a tunnel, to access to the internal network. [severity:3/4; CSCua85555, CVE-2014-2128]

An attacker can create a memory leak with SIP packets, in order to trigger a denial of service. [severity:2/4; CSCuh44052, CVE-2014-2129]
Full Vigil@nce bulletin... (Free trial)

weakness bulletin CVE-2014-0160

OpenSSL: information disclosure via Heartbeat

Synthesis of the vulnerability

An attacker can use the Heartbeat protocol on an application compiled with OpenSSL, in order to obtain sensitive information, such as keys stored in memory.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 08/04/2014.
Identifiers: 1669839, 190438, 2076225, 2962393, c04236102, c04267775, c04286049, CA20140413-01, CERTFR-2014-ALE-003, CERTFR-2014-AVI-156, CERTFR-2014-AVI-161, CERTFR-2014-AVI-162, CERTFR-2014-AVI-167, CERTFR-2014-AVI-169, CERTFR-2014-AVI-177, CERTFR-2014-AVI-178, CERTFR-2014-AVI-179, CERTFR-2014-AVI-180, CERTFR-2014-AVI-181, CERTFR-2014-AVI-198, CERTFR-2014-AVI-199, CERTFR-2014-AVI-213, cisco-sa-20140409-heartbleed, CTX140605, CVE-2014-0160, CVE-2014-0346-REJECT, DSA-2896-1, DSA-2896-2, emr_na-c04236102-7, ESA-2014-034, ESA-2014-036, ESA-2014-075, FEDORA-2014-4879, FEDORA-2014-4910, FEDORA-2014-4982, FEDORA-2014-4999, FG-IR-14-011, FreeBSD-SA-14:06.openssl, Heartbleed, HPSBMU02995, HPSBMU03025, HPSBMU03040, ICSA-14-105-03, JSA10623, MDVSA-2014:123, MDVSA-2015:062, NetBSD-SA2014-004, openSUSE-SU-2014:0492-1, openSUSE-SU-2014:0560-1, openSUSE-SU-2014:0719-1, pfSense-SA-14_04.openssl, RHSA-2014:0376-01, RHSA-2014:0377-01, RHSA-2014:0378-01, RHSA-2014:0396-01, RHSA-2014:0416-01, SA40005, SA79, SB10071, SOL15159, SPL-82696, SSA:2014-098-01, SSA-635659, SSRT101565, USN-2165-1, VIGILANCE-VUL-14534, VMSA-2014-0004, VMSA-2014-0004.1, VMSA-2014-0004.2, VMSA-2014-0004.3, VMSA-2014-0004.6, VMSA-2014-0004.7, VU#720951.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Heartbeat extension of TLS (RFC 6520) provides a keep-alive feature, without performing a renegotiation. It exchanges random data in a payload.

Version 1.0.1 of OpenSSL implements Heartbeat, which is enabled by default. The [d]tls1_process_heartbeat() function manages Heartbeat messages. However, it does not check the size of random data, and continues to read after the end of the payload, and then sends the full memory area (up to 64kb) to the peer (client or server).

An attacker can therefore use the Heartbeat protocol on an application compiled with OpenSSL, in order to obtain sensitive information, such as keys stored in memory.
Full Vigil@nce bulletin... (Free trial)

threat note CVE-2014-2120

Cisco ASA: Cross Site Scripting of WebVPN Login Page

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting in the WebVPN Login Page of Cisco ASA, in order to execute JavaScript code in the context of the web site.
Severity: 2/4.
Creation date: 19/03/2014.
Identifiers: CSCun19025, CVE-2014-2120, VIGILANCE-VUL-14444.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Cisco ASA product offers a web service.

However, it does not filter received data from the /CSCOE/logon.html page before inserting them in generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting in the WebVPN Login Page of Cisco ASA, in order to execute JavaScript code in the context of the web site.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-0738

Cisco ASA: altering Phone Proxy CTL

Synthesis of the vulnerability

An attacker can traverse the Cisco ASA Phone Proxy, in order to alter the content of the CTL file of a phone, so it trusts the attacker.
Severity: 2/4.
Creation date: 21/02/2014.
Identifiers: 32956, BID-65708, CSCuj66770, CVE-2014-0738, VIGILANCE-VUL-14294.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Cisco ASA product offers a Phone Proxy. A phone has a CTL (Certificate Trust List).

However, an attacker can traverse the Phone Proxy, to modify the CTL file of a phone.

An attacker can therefore traverse the Cisco ASA Phone Proxy, in order to alter the content of the CTL file of a phone, so it trusts the attacker.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2014-0739

Cisco ASA: traffic passed via Phone Proxy sec_db

Synthesis of the vulnerability

An attacker can pass traffic via the Phone Proxy sec_db of Cisco ASA.
Severity: 2/4.
Creation date: 21/02/2014.
Identifiers: 32955, BID-65707, CSCuj66766, CVE-2014-0739, VIGILANCE-VUL-14293.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Cisco ASA product offers a Phone Proxy.

However, an attacker can send a special TFTP query for a configuration file, in order to pass traffic from an untrusted phone.

An attacker can therefore pass traffic via the Phone Proxy sec_db of Cisco ASA.
Full Vigil@nce bulletin... (Free trial)

security weakness CVE-2013-7306 CVE-2013-7307 CVE-2013-7308

OSPF: corrupting the routing database

Synthesis of the vulnerability

An attacker can spoof OSPF messages, in order to corrupt the routing database.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 9.
Creation date: 28/01/2014.
Identifiers: BID-65140, BID-65157, BID-65161, BID-65162, BID-65163, BID-65166, BID-65167, BID-65169, BID-65170, c03880910, CERTA-2013-AVI-487, cisco-sa-20130801-lsaospf, CSCug34469, CSCug34485, CSCug39762, CSCug39795, CSCug63304, CVE-2013-7306, CVE-2013-7307, CVE-2013-7308, CVE-2013-7309, CVE-2013-7310, CVE-2013-7311, CVE-2013-7312, CVE-2013-7313, CVE-2013-7314, HPSBHF02912, JSA10575, JSA10580, sk94490, VIGILANCE-VUL-14148, VU#229804.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The RFC 2328 defines the OSPF protocol (Open Shortest Path First) which established IP routes, using LSA (Link State Advertisement) messages.

The LSA Type 1 Update (LSU, Link-State Update) message is used to update the routing database. However, the RFC does not request to check the "Link State ID" and "Advertising Router" fields of LSU messages. Several implementations do not check for duplicates before editing their databases.

An attacker can therefore spoof OSPF messages, in order to corrupt the routing database.

This vulnerability is similar to VIGILANCE-VUL-13192.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about PIX: