CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-5543
https://notcve.org/view.php?id=CVE-2013-5543
31 Oct 2013 — Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470. Vulnerabilidad en Cisco IOS XE 3.4 antes de 3.4.2S y 3,5 antes de 3.5.1S de dispositivos ASR 1000 permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) a través de... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2013-5478
https://notcve.org/view.php?id=CVE-2013-5478
27 Sep 2013 — Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023. Cisco IOS 15.0 hasta 15.3 y IOS XE 3.2 hasta 3.8, cuando existe un interfaz VRF, permite a un atacante remoto causar una denegación de servicio (interface queue wedge) a través de paquetes UDP TSVP, tambien conocido como Bug ID CSCuf17023. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-rsvp • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-5473
https://notcve.org/view.php?id=CVE-2013-5473
27 Sep 2013 — Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed IKEv1 packets, aka Bug ID CSCtx66011. Fuga de memoria en Cisco iOS 12.2, 15.1 y 15.2, iOS XE 3.4.2S hasta la versión 3.4.5S; e iOS XE 3.6.xS anterior a 3.6.1S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga del dispositivo) a través de paquetes IKEv1 mal... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ike • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2013-5472
https://notcve.org/view.php?id=CVE-2013-5472
27 Sep 2013 — The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. La implementación NTP en Cisco IOS 12.0 hasta 12.4 y 15.0 hasta 15.1, e IOS XE 2.1 hasta 3.3, no maneja apropiadamente la encapsulación de paquetes multicast NTP en los mensajes M... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2013-5475
https://notcve.org/view.php?id=CVE-2013-5475
27 Sep 2013 — Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561. Cisco IOS 12.2 hasta 12.4 y 15.0 hasta 15.3, y IOS XE 2.1 hasta 3.9, permite a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través depaquetes DHCP manipulados que son procesados localmente por un (1) servidor o (2) age... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 566EXPL: 0CVE-2013-0149
https://notcve.org/view.php?id=CVE-2013-0149
03 Aug 2013 — The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSC... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2013-1166
https://notcve.org/view.php?id=CVE-2013-1166
11 Apr 2013 — Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609. Cisco IOS XE v3.2 hasta v3.4 antes de v3.4.5S, y v3.5 hasta v3.7 antes de v3.7.1S, en la serie routers 1000 de servicios de agregaciones (ASR), cuando VRF-aware NAT y ALG SIP están habilitadas, permite a atacantes remot... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2013-1164
https://notcve.org/view.php?id=CVE-2013-1164
11 Apr 2013 — Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. Cisco IOS XE v3.4 antes de v3.4.4S, v3.5 y 3.6 en la Series Routers 1000 de Servicios de agregación (ASR) no aplicar correctamente el Cisco Multicast Leaf Eliminación de reciclaje (MLRE), la cu... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2013-2779
https://notcve.org/view.php?id=CVE-2013-2779
11 Apr 2013 — Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164. Cisco IOS XE v3.4 anterior a v3.4.5S, y v3.5 hasta v3.7 anterior a v3.7.1S, ,en Routers de la serie 1000 Agregación S... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2013-1167
https://notcve.org/view.php?id=CVE-2013-1167
11 Apr 2013 — Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558. Cisco IOS XE v3.2 hasta v3.4 antes de v3.4.2S, y v3.5, en la serie routers 1000 de servicios de agregaciones (ASR), cuando el puente dominio de interfaz (BDI) está activada, permite a ataca... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asr1000 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •