CVSS: 8.5EPSS: 0%CPEs: 11EXPL: 0CVE-2008-3806
https://notcve.org/view.php?id=CVE-2008-3806
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. En Cisco IOS v12.0 a la v12.4 en Cisco 10000, los paquetes externos del UDP del manejador de dispositivos de la serie uBR10012 y uBR7200 que se envían a las direcciones 127.0.0.0 /8 pensados para comunicación IPC dentro del dispositivo, permite que los atacantes remotos causen una denegación del servicio (reinicio del dispositivo o del linecard) a través de paquetes del UDP manipulados, una vulnerabilidad distinta de CVE-2008-3805. • http://secunia.com/advisories/31990 http://tools.cisco.com/security/center/viewAlert.x?alertId=16646 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014ae.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/45592 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7123 •
CVSS: 5.1EPSS: 1%CPEs: 3EXPL: 0CVE-2008-3803
https://notcve.org/view.php?id=CVE-2008-3803
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances. Un "error lógico" en Cisco IOS v12.0 a la v12.4, cuando está configurado un Multiprotocol Label Switching (MPLS) VPN "extendida a comunidades" (extended communities), en ocasiones provoca que sea usado un destino de ruta corrupta, lo que permite a atacantes remotos leer el tráfico de red desde otras VPN's en determinadas circunstancias. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014a9.shtml http://www.securityfocus.com/bid/31366 http://www.securitytracker.com/id?1020940 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5919 •
CVSS: 7.8EPSS: 1%CPEs: 252EXPL: 0CVE-2008-3808
https://notcve.org/view.php?id=CVE-2008-3808
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. Vulnerabilidad no especificada en Cisco IOS v12.0, permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) a través del paquete del Protocolo Multidifusión Independiente (PIM) manipulado. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01491.shtml http://www.securityfocus.com/bid/31356 http://www.securitytracker.com/id?1020936 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5873 •
CVSS: 7.1EPSS: 1%CPEs: 204EXPL: 0CVE-2008-3809
https://notcve.org/view.php?id=CVE-2008-3809
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. Vulnerabilidad en dispositivos Gigabit Switch Router (GSR),(aka 12000 Series routers), de Cisco IOS v12.0 a v12.4. Permite a atacantes de control remoto causar denegación de servicio (reinicio de dispositivo) a través de paquetes Multidifusión de Protocolo Independiente (Protocol Independent Multicast, PIM) mal formados. • http://secunia.com/advisories/31990 http://tools.cisco.com/security/center/viewAlert.x?alertId=16638 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01491.shtml http://www.securityfocus.com/bid/31356 http://www.securitytracker.com/id?1020936 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5477 •
CVSS: 6.8EPSS: 13%CPEs: 35EXPL: 3CVE-2008-1447 – BIND 9.4.1 < 9.4.2 - Remote DNS Cache Poisoning
https://notcve.org/view.php?id=CVE-2008-1447
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tráfico DNS a través de un ataque de un cumpleaños que usa referencias in-bailiwick para llevar a cabo un envenenamiento del caché contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacción DNS y los puertos de origen, vulnerabilidad también conocida como "DNS Insufficient Socket Entropy Vulnerability" o "the Kaminsky bug". • https://www.exploit-db.com/exploits/6122 https://www.exploit-db.com/exploits/6130 https://www.exploit-db.com/exploits/6123 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID • CWE-331: Insufficient Entropy •