CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2013-1164
https://notcve.org/view.php?id=CVE-2013-1164
11 Apr 2013 — Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. Cisco IOS XE v3.4 antes de v3.4.4S, v3.5 y 3.6 en la Series Routers 1000 de Servicios de agregación (ASR) no aplicar correctamente el Cisco Multicast Leaf Eliminación de reciclaje (MLRE), la cu... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2013-2779
https://notcve.org/view.php?id=CVE-2013-2779
11 Apr 2013 — Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164. Cisco IOS XE v3.4 anterior a v3.4.5S, y v3.5 hasta v3.7 anterior a v3.7.1S, ,en Routers de la serie 1000 Agregación S... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2013-1167
https://notcve.org/view.php?id=CVE-2013-1167
11 Apr 2013 — Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558. Cisco IOS XE v3.2 hasta v3.4 antes de v3.4.2S, y v3.5, en la serie routers 1000 de servicios de agregaciones (ASR), cuando el puente dominio de interfaz (BDI) está activada, permite a ataca... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2013-1165
https://notcve.org/view.php?id=CVE-2013-1165
11 Apr 2013 — Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293. Cisco IOS XE v2.x y v3.x antes de v3.4.5S, y v3.5 hasta v3.7 antes de v3.7.1S, en la serie routers 1000 de agregación (ASR) permite a atacantes remotos provocar una denegación de servicio (recarga de la tarjeta), enviando muchos paquetes manipulados L2TP, tam... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1143
https://notcve.org/view.php?id=CVE-2013-1143
28 Mar 2013 — The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. La implementación del protocolo RSVP en Cisco IOS 12.2 y 15.0 a la 15.2 e IOS XE 3.1.xS a la 3.4.xS anteior a 3.4.5S y 3.5.xS a la 3.7.xS anterior a... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2013-1148
https://notcve.org/view.php?id=CVE-2013-1148
28 Mar 2013 — The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594. La implementación del General Responder en la función IP Service Level Agreement (SLA) en Cisco IOS XE v15.2 y v3.1.xS a través v3.4.xS antes de v3.4.5S y v3.5.xS a... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ipsla • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 260EXPL: 0CVE-2012-3949
https://notcve.org/view.php?id=CVE-2012-3949
27 Sep 2012 — The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664. La implementación SIP en Cisco Unified Communica... • http://osvdb.org/85816 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2011-4231
https://notcve.org/view.php?id=CVE-2011-4231
03 May 2012 — Cisco IOS 15.1 and 15.2 and IOS XE 3.x, when configured as an IPsec hub with X.509 certificates in use, allows remote authenticated users to cause a denial of service (segmentation fault and device crash) via unspecified vectors, aka Bug ID CSCtq61128. Cisco IOS v15.1 y v15.2 y el IOS XE v3.x, cuando se configura como un hub IPSec con certificados X.509 en uso, permite a usuarios remotos autenticados provocar una denegación de servicio (fallo de segmentación y la caída del dispositivo) a través de vectores ... • http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151-4MCAVS.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2011-4007
https://notcve.org/view.php?id=CVE-2011-4007
02 May 2012 — Cisco IOS 15.0 and 15.1 and IOS XE 3.x do not properly handle the "set mpls experimental imposition" command, which allows remote attackers to cause a denial of service (device crash) via network traffic that triggers (1) fragmentation or (2) reassembly, aka Bug ID CSCtr56576. Cisco IOS v15.0 y v15.1 y el IOS XE v3.x no manejan correctamente el comando "set mpls experimental imposition", que permite a atacantes remotos causar una denegación de servicio (caída de dispositivo) a través de tráfico de red que p... • http://www.cisco.com/en/US/docs/ios/ios_xe/3/release/notes/asr1k_caveats_33s.html • CWE-20: Improper Input Validation •