CVE-2017-3883
https://notcve.org/view.php?id=CVE-2017-3883
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload. An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload. • http://www.securityfocus.com/bid/101493 http://www.securitytracker.com/id/1039614 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03846en_us https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-aaavty • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. • http://www.securityfocus.com/bid/100005 http://www.securitytracker.com/id/1039005 http://www.securitytracker.com/id/1039006 http://www.securitytracker.com/id/1039007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf • CWE-20: Improper Input Validation •
CVE-2016-1453
https://notcve.org/view.php?id=CVE-2016-1453
Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701. Desbordamiento de búfer en la funcionalidad Overlay Transport Virtualization (OTV) GRE en Cisco NX-OS 5.0 hasta la versión 7.3 en dispositivos Nexus 7000 y 7700 permite a atacantes remotos ejecutar código arbitrario a través de parámetros largos en una cabecera de paquete, vulnerabilidad también conocida como Bug ID CSCuy95701. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv http://www.securityfocus.com/bid/93409 http://www.securitytracker.com/id/1036946 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-6393
https://notcve.org/view.php?id=CVE-2015-6393
Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device crash) via malformed IPv4 DHCP packets to the DHCPv4 relay agent, aka Bug IDs CSCuq39250, CSCus21733, CSCus21739, CSCut76171, and CSCux67182. Cisco NX-OS 4.1 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de paquetes IPv4 DHCP malformados al agente de retransmisión DHCPv4, vulnerabilidad también conocida como Bug IDs CSCuq39250, CSCus21733, CSCus21739, CSCut76171 y CSCux67182. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-dhcp2 http://www.securityfocus.com/bid/93419 http://www.securitytracker.com/id/1036949 • CWE-399: Resource Management Errors •
CVE-2016-1454
https://notcve.org/view.php?id=CVE-2016-1454
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and CSCux11417. Cisco NX-OS 4.0 hasta la versión 7.3 y 11.0 hasta la versión 11.2 en dispositivos 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700 y 9000 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) aprovechando una relación entre iguales para enviar un mensaje BGP UPDATE manipulado, vulnerabilidad también conocida como Bug IDs CSCuq77105 y CSCux11417. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-bgp http://www.securityfocus.com/bid/93417 http://www.securitytracker.com/id/1036950 • CWE-20: Improper Input Validation •