CVSS: 7.8EPSS: 4%CPEs: 131EXPL: 0CVE-2014-3354
https://notcve.org/view.php?id=CVE-2014-3354
25 Sep 2014 — Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547. Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, y 15.3 y IOS XE 2.x y 3.x anterior a 3.7.4S; 3.2.xSE y 3.3.xSE anterior a 3.3.2SE; 3.3.xSG y 3.4.xSG anterior a 3.4.4SG; y 3.8.xS, 3.9.... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3357
https://notcve.org/view.php?id=CVE-2014-3357
25 Sep 2014 — Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a trav... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3358
https://notcve.org/view.php?id=CVE-2014-3358
25 Sep 2014 — Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. Fuga de información en Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permi... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 34EXPL: 0CVE-2014-3359
https://notcve.org/view.php?id=CVE-2014-3359
25 Sep 2014 — Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081. Fuga de información en Cisco IOS 15.1 hasta 15.4 y IOS XE 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a at... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 46EXPL: 0CVE-2014-3360
https://notcve.org/view.php?id=CVE-2014-3360
25 Sep 2014 — Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. Cisco IOS 12.4 y 15.0 hasta 15.4 y IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a at... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3361
https://notcve.org/view.php?id=CVE-2014-3361
25 Sep 2014 — The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071. El módulo ALG en Cisco IOS 15.0 hasta 15.4 no implementa debidamente SIP sobre NAT, lo que permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de tráfico multipart SDP IPv4, también conocido como Bug ID CSCun54071. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3347
https://notcve.org/view.php?id=CVE-2014-3347
28 Aug 2014 — Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897. Cisco IOS 15.1(4)M2 en los dispositivos Cisco 1800 ISR, cuando la interfaz ISDN Basic Rate está habilitada, permite a atacantes remotos causar una de... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3347 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0CVE-2014-3327
https://notcve.org/view.php?id=CVE-2014-3327
11 Aug 2014 — The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101. El módulo EnergyWise en Cisco IOS 12.2, 15.0, 15.1, 15.2 y 15.4 y IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG y 3.5.xE anterior a 3.5.3E permite a atacantes remotos causar una denegación de servicio (reinicio de dispositivo) a través de un paquete IPv4 manipulado, también ... • http://secunia.com/advisories/60650 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3262
https://notcve.org/view.php?id=CVE-2014-3262
16 May 2014 — The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.3(3)S and earlier and IOS XE does not properly validate parameters in ITR control messages, which allows remote attackers to cause a denial of service (CEF outage and packet drops) via malformed messages, aka Bug ID CSCun73782. La implementación Locator/ID Separation Protocol (LISP) en Cisco IOS 15.3(3)S y anteriores y IOS XE no valida debidamenete parámetros en mensajes de control ITR, lo que permite a atacantes remotos causar una den... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3262 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-3946
https://notcve.org/view.php?id=CVE-2012-3946
24 Apr 2014 — Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682. Cisco IOS anterior a 15.3(2)S permite a atacantes remotos evadir restricciones ACL de interfaz en circunstancias oportunistas mediante el envío de paquetes IPv6 en un escenario no especificado en que descargas de paquetes esperados no ... • http://www.cisco.com/c/en/us/td/docs/ios/15_3s/release/notes/15_3s_rel_notes/15_3s_caveats_15_3_2s.html • CWE-264: Permissions, Privileges, and Access Controls •