CVE-2017-6741
https://notcve.org/view.php?id=CVE-2017-6741
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP: Versions 1, 2c, and 3. • http://www.securityfocus.com/bid/99345 http://www.securitytracker.com/id/1038808 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-6393
https://notcve.org/view.php?id=CVE-2016-6393
The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service (device reload) via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667. El servicio AAA en Cisco IOS 12.0 hasta la versión 12.4 y 15.0 hasta la versión 15.6 e IOS XE 2.1 hasta la versión 3.18 y 16.2 permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de un intento de conexión SSH fallido que no es manejado correctamente durante la generación de un mensaje de registro de error, vulnerabilidad también conocida como Bug ID CSCuy87667. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-aaados http://www.securityfocus.com/bid/93196 http://www.securitytracker.com/id/1036914 https://ics-cert.us-cert.gov/advisories/ICSA-16-287-04 • CWE-399: Resource Management Errors •
CVE-2014-2146
https://notcve.org/view.php?id=CVE-2014-2146
The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. La funcionalidad Zone-Based Firewall (ZBFW) en Cisco IOS, posiblemente 15.4 y versiones anteriores e IOS XE, posiblemente 3.13 y versiones anteriores, no maneja adecuadamente la zona de comprobación de las sesiones existentes, lo que permite a atacantes remotos eludir las restricciones de acceso a los recursos intencionadas a través de tráfico suplantado que coincide con una de estas sesiones, vulnerabilidad también conocida como Bug IDs CSCun94946 y CSCun96847. • http://www.securityfocus.com/bid/93126 https://tools.cisco.com/security/center/viewAlert.x?alertId=39129 • CWE-20: Improper Input Validation •
CVE-2016-6415 – Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-6415
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. La implementación del servidor IKEv1 en Cisco IOS 12.2 hasta la versión 12.4 y 15.0 hasta la versión 15.6, IOS XE hasta la versión 3.18S, IOS XR 4.3.x y 5.0.x hasta la versión 5.2.x y PIX en versiones anteriores a 7.0 permite a atacantes remotos obtener información sensible de la memoria del dispositivo a través de una petición de negociación Security Association (SA), vulnerabilidad también conocida como Bug IDs CSCvb29204 y CSCvb36055 o BENIGNCERTAIN. Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure. • https://www.exploit-db.com/exploits/43383 https://github.com/3ndG4me/CVE-2016-6415-BenignCertain-Monitor http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 http://www.securityfocus.com/bid/93003 http://www.securitytracker.com/id/1036841 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-1409
https://notcve.org/view.php?id=CVE-2016-1409
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. El protocolo de implementación Neighbor Discovery (ND) en la pila IPv6 en Cisco IOS XE 2.1 hasta la versión 3.17S, IOS XR 2.0.0 hasta la versión 5.3.2 y NX-OS permite a atacantes remotos provocar una denegación de servicio (interrupción de procesado de paquetes) a través de mensajes ND manipulados, también conocido como Bug ID CSCuz66542, tal como se ha explotado activamente en mayo de 2016. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en http://www.securityfocus.com/bid/90872 http://www.securitytracker.com/id/1035962 http://www.securitytracker.com/id/1035963 http://www.securitytracker.com/id/1035964 http://www.securitytracker.com/id/1035965 http://www.securitytracker.com/id/1036651 • CWE-20: Improper Input Validation •