Page 2 of 11 results (0.007 seconds)

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1(5)E4 allows remote attackers to cause a denial of service (MainApp process hang) via malformed IPv4 packets, aka Bug ID CSCtx18596. La pila IP en Cisco Intrusion Prevention System (IPS) Software en ASA 5500-X IPS-SSP y módulos hardware anterior a v7.1(5)E4, sensores IPS 4500 anterior a v7.1(6)E4, y sensores IPS 4300 anterior a v7.1(5)E4 permite a atacantes remotos causar una denegación de servicio (cuelgue del proceso MainApp ) mediante paquetes IPv4 malformados, también conocido como Bug ID CSCtx18596. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 5%CPEs: 23EXPL: 0

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. El Sistema de Prevención de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podría permitir a atacantes remotos evadir la detección de tráfico HTTP. • http://secunia.com/advisories/25285 http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html http://www.gamasec.net/english/gs07-01.html http://www.kb.cert.org/vuls/id/739224 http://www.osvdb.org/35336 http://www.securityfocus.com/archive/1/468633/100/0/threaded http://www.securityfocus.com/bid/23980 http://www.securitytracker.com/id?1018053 http://www.securitytracker.com/id?1018054 http://www.vupen.com/english/advisories/2007/1803 https:/&#x •

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0

Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets". Vulnerabilidad no especificada en Cisco IPS 5.0 anterior a 5.0(6p2) y en 5.1 anterior a 5.1(2), cuando se ejecuta en modo inline o promiscuo, permite a atacantes remotos evitar la inspección del tráfico vía una "secuencia artesanal de paquetes IP fragmentados". • http://secunia.com/advisories/22022 http://securitytracker.com/id?1016891 http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml http://www.kb.cert.org/vuls/id/658884 http://www.osvdb.org/29036 http://www.securityfocus.com/bid/20127 http://www.vupen.com/english/advisories/2006/3721 https://exchange.xforce.ibmcloud.com/vulnerabilities/29058 •

CVSS: 5.0EPSS: 4%CPEs: 3EXPL: 0

The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. La interfaz web(mainApp)para administrar a Cisco IDS nateriores a 4.1(5c), e IPS 5.0 anteriores a 5.0(6p1) y 5.1 anteriores a 5.1(2)permite a un atacante remoto provocar una denegación de servicio (dispositivo sin respuesta) a través de un paquete artesanal SSLv2 Client Hello. • http://secunia.com/advisories/22046 http://securitytracker.com/id?1016891 http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml http://www.kb.cert.org/vuls/id/642076 http://www.osvdb.org/29037 http://www.securityfocus.com/bid/20124 http://www.vupen.com/english/advisories/2006/3721 https://exchange.xforce.ibmcloud.com/vulnerabilities/29056 •

CVSS: 5.0EPSS: 3%CPEs: 7EXPL: 0

The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet. El controlador de dispositivo para los adaptadores de red gigabit basado en Intel en Cisco Intrusion Prevention System (IPS) 5.1(1) hasta la 5.1(p1), instalado en appliances Cisco Intrusion Prevention System 42xx, permite a atacantes remotos provocar denegación de servicio (kernel panic y posiblemente interrupción de la red) a través de paquetes IP manipulados. • http://secunia.com/advisories/21029 http://securitytracker.com/id?1016474 http://www.cisco.com/warp/public/707/cisco-sa-20060712-ips.shtml http://www.osvdb.org/27163 http://www.securityfocus.com/bid/18955 http://www.vupen.com/english/advisories/2006/2772 https://exchange.xforce.ibmcloud.com/vulnerabilities/27692 •