CVE-2019-1737 – Cisco IOS and IOS XE Software IP Service Level Agreement Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1737
A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to improper socket resources handling in the IP SLA responder application code. An attacker could exploit this vulnerability by sending crafted IP SLA packets to an affected device. An exploit could allow the attacker to cause an interface to become wedged, resulting in an eventual denial of service (DoS) condition on the affected device. Una vulnerabilidad en el procesamiento de los paquetes IP SLA (Service Level Agreement) de los softwares Cisco IOS y Cisco IOS XE podría permitir que un atacante remoto no autenticado provoque una cuña (wedge) en la interfaz y, finalmente, una denegación de servicio (DoS) en el dispositivo afectado. • http://www.securityfocus.com/bid/107604 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190327-ipsla-dos • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2018-0282 – Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0282
A vulnerability in the TCP socket code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a state condition between the socket state and the transmission control block (TCB) state. While this vulnerability potentially affects all TCP applications, the only affected application observed so far is the HTTP server. An attacker could exploit this vulnerability by sending specific HTTP requests at a sustained rate to a reachable IP address of the affected software. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition on an affected device. • http://www.securityfocus.com/bid/106510 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tcp • CWE-371: State Issues •
CVE-2018-0197 – Cisco IOS and IOS XE Software VLAN Trunking Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0197
A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service (DoS) condition. The vulnerability is due to a logic error in how the affected software handles a subset of VTP packets. An attacker could exploit this vulnerability by sending VTP packets in a sequence that triggers a timeout in the VTP message processing code of the affected software. A successful exploit could allow the attacker to impact the ability to create, modify, or delete VLANs and cause a DoS condition. There are workarounds that address this vulnerability. • http://www.securityfocus.com/bid/105424 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-vtp • CWE-20: Improper Input Validation •
CVE-2018-0473 – Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0473
A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could exploit this vulnerability by sending a custom PTP packet to, or through, an affected device. A successful exploit could allow the attacker to cause a DoS condition for the PTP subsystem, resulting in time synchronization issues across the network. Una vulnerabilidad en el subsistema Precision Time Protocol (PTP) de Cisco NX-OS Software podría permitir que un atacante remoto sin autenticar provoque una denegación de servicio (DoS) en el protocolo PTP. • http://www.securityfocus.com/bid/105427 http://www.securitytracker.com/id/1041737 https://ics-cert.us-cert.gov/advisories/ICSA-19-094-03 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ptp • CWE-399: Resource Management Errors •
CVE-2018-0475 – Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0475
A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation when handling Cluster Management Protocol (CMP) messages. An attacker could exploit this vulnerability by sending a malicious CMP message to an affected device. A successful exploit could allow the attacker to cause the switch to crash and reload or to hang, resulting in a DoS condition. If the switch hangs it will not reboot automatically, and it will need to be power cycled manually to recover. • http://www.securityfocus.com/bid/105404 http://www.securitytracker.com/id/1041737 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-cmp • CWE-20: Improper Input Validation •