11 results (0.025 seconds)

CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 1

Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which network exposure was unintended. Las series de dispositivos Cisco Catalyst 6500 y Cisco 7600 utilizan direcciones IP 127/8 para el Canal Ethernet Fuera de Banda (EOBC, Ethernet Out-of-Band Channel), lo cual permite a atacantes remotos enviar paquetes a una interfaz para la cual la exposición de la red no era intencionada. • http://seclists.org/fulldisclosure/2007/Sep/0573.html http://secunia.com/advisories/26988 http://securitytracker.com/id?1018742 http://www.cisco.com/warp/public/707/cisco-sr-20070926-lb.shtml http://www.securityfocus.com/bid/25822 http://www.securitytracker.com/id?1018743 http://www.vupen.com/english/advisories/2007/3276 https://exchange.xforce.ibmcloud.com/vulnerabilities/36826 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.8EPSS: 0%CPEs: 167EXPL: 1

Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. Conmutadores Cisco Catalyst no especificados permiten a atacantes remotos causar una denegación de servicio (caída de dispositivo) mediante un paquete IP con IPs y puertos de origen y destino iguales y con la bandera SYN. (tcc LanD). NOTA: La proveniencia de esta cuestión es desconocida; los detalles son obtenidos exclusivamente de BID. • http://www.securityfocus.com/bid/15864 https://exchange.xforce.ibmcloud.com/vulnerabilities/44543 •

CVSS: 5.0EPSS: 0%CPEs: 69EXPL: 0

Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. • http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml http://www.kb.cert.org/vuls/id/645400 http://www.securityfocus.com/bid/5030 https://exchange.xforce.ibmcloud.com/vulnerabilities/6179 •

CVSS: 5.0EPSS: 0%CPEs: 294EXPL: 0

Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack." Cisco CatOS anteriores a 5.5(20) a 8.x anteriores a 8.2(2) y 8.3(3) GLX, usados en conmutadores Catalyst, permiten a atacantes remotos causar una denegación de servicio (caída del sistema y reinicio) enviando paquétes no válidos en lugar de la porción final ACK del apretón de manos (handshake) en tres pasos a los servicios (1) Telnet, (2) HTTP, o (3) SSH. También conocida como aka "ataque de DoS TCP-ACK ". • http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml http://www.kb.cert.org/vuls/id/245190 https://exchange.xforce.ibmcloud.com/vulnerabilities/16370 •

CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 0

Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. Desbordamiento de búfer en el Módulo de Servicios de Cortafuegos Cisco (FWSM) en dispositivos de la seria Cisco Cayalyst 6500 y 7600 permiten a atacantes remotos causar una denegación de servicio (caída y recarga) mediante una petición HTTP auth para autenticación TACACS+ o RADIUS. • http://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml •