9 results (0.003 seconds)

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. Vulnerabilidad no especificada en SSHield 1.6.1 con OpenSSH 3.0.2p1 sobre Cisco WebNS 8.20.0.1 sobre dispositivos Cisco Content Services Switch (CSS) series 11000 permite a atacantes remotos provocar denegación de servicio (agotamiento de la ranura de conexión y caida del dispositivo) a través de una serie de paquetes grandes diseñados para explotar el desbordamiento de detección de ataque de SSH CRC32 (CVE-2001-0144), posiblemente un asunto relacionado con CVE-2002-1024. • http://osvdb.org/45873 http://securityreason.com/securityalert/3091 http://www.securityfocus.com/archive/1/478165/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/44542 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. La funcionalidad de cookies ArrowPoint para los Conmutadores de Servicio de Contenidos (Content Service Switches) Cisco serie 11000 especifica una dirección IP interna si el administrador no especifica una cadena de opción, lo que permite a atacantes remotos obtener información sensible. • http://www.cisco.com/warp/public/117/AP_cookies.html http://www.osvdb.org/28121 •

CVSS: 5.0EPSS: 93%CPEs: 296EXPL: 2

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0

Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. • http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml http://www.kb.cert.org/vuls/id/363374 http://www.securityfocus.com/bid/9806 https://exchange.xforce.ibmcloud.com/vulnerabilities/15388 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. • http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml http://www.kb.cert.org/vuls/id/714121 •