CVSS: 7.1EPSS: 1%CPEs: 4EXPL: 1CVE-2008-1153
https://notcve.org/view.php?id=CVE-2008-1153
Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. Cisco IOS versiones 12.1, 12.2, 12.3 y 12.4, con servicios UDP de IPv4 y el protocolo IPv6 habilitado, permite a los atacantes remotos causar una denegación de servicio (bloqueo del dispositivo y posible interfaz bloqueada) por medio de un paquete IPv6 diseñado para el dispositivo. • http://secunia.com/advisories/29507 http://www.cisco.com/warp/public/707/cisco-sa-20080326-IPv4IPv6.shtml http://www.kb.cert.org/vuls/id/936177 http://www.securityfocus.com/bid/28461 http://www.securitytracker.com/id?1019713 http://www.us-cert.gov/cas/techalerts/TA08-087B.html http://www.vupen.com/english/advisories/2008/1006/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41475 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3 •
CVSS: 7.8EPSS: 2%CPEs: 271EXPL: 0CVE-2008-1152
https://notcve.org/view.php?id=CVE-2008-1152
The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. El componente data-link switching (DLSw) en Cisco IOS 12.0 hasta 12.4 permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo o consumo de memoria) a través de 91 paquetes manipulados del (1) puerto UDP 2067 o (2) protocolo IP. • http://secunia.com/advisories/29507 http://www.cisco.com/en/US/products/products_security_advisory09186a0080969866.shtml http://www.securityfocus.com/bid/28465 http://www.securitytracker.com/id?1019712 http://www.us-cert.gov/cas/techalerts/TA08-087B.html http://www.vupen.com/english/advisories/2008/1006/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41482 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5821 • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 2%CPEs: 22EXPL: 0CVE-2007-5651
https://notcve.org/view.php?id=CVE-2007-5651
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. Vulnerabilidad no especificada en la implementación Extensible Authentication Protocol (EAP) en Cisco IOS 12.3 y 12.4 sobre Cisco Access Points y 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 y 12.2 sobre Cisco switches (Wired EAP dispositivos), y CatOS 6.x hasta la 8.x sobre Cisco switches permite a atacantes remotos provocar denegación de servicio (recarga de dispositivo) a través de un paquete EAP Response Identity manipulado. • http://secunia.com/advisories/27329 http://www.cisco.com/en/US/products/products_security_response09186a00808de8bb.html http://www.securityfocus.com/bid/26139 http://www.securitytracker.com/id?1018842 http://www.vupen.com/english/advisories/2007/3566 https://exchange.xforce.ibmcloud.com/vulnerabilities/37300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5288 •
CVSS: 9.3EPSS: 84%CPEs: 1429EXPL: 2CVE-2007-5381 – Cisco IOS 12.3 - 'LPD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5381
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515. Desbordamiento de búfer basado en pila en Line Printer Daemon (LPD) en Cisco IOS anterior a 12.2(18)SXF11, 12.4(16a), y 12.4(2)T6 permite a atacantes remotos ejecutar código de su elección a través de la configuración de un nombre de host largo sobre el sistema objetivo, lo cual hace que se muestre un mensaje de error, como se demostró con la sesión de telnet en el LPD desde un puerto fuente a otro que 515. • https://www.exploit-db.com/exploits/30652 http://osvdb.org/37935 http://secunia.com/advisories/27169 http://www.cisco.com/en/US/products/products_security_response09186a00808d72e3.html http://www.irmplc.com/index.php/155-Advisory-024 http://www.kb.cert.org/vuls/id/230505 http://www.securityfocus.com/bid/26001 http://www.securitytracker.com/id?1018798 http://www.vupen.com/english/advisories/2007/3457 https://exchange.xforce.ibmcloud.com/vulnerabilities/37046 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 2%CPEs: 22EXPL: 1CVE-2007-4430 – Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4430
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes dependiendo del contexto causar una denegación de servicio (reinicio del dispositivo y reconstrucción de la tabla de enrutamiento BGP) por medio de ciertas expresiones regulares en un comando "show ip bgp regexp". NOTA: los ataques remotos no autenticados son posibles en entornos con acceso anónimo a telnet y Looking Glass. • https://www.exploit-db.com/exploits/30506 http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9 http://secunia.com/advisories/26798 http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html http://www.heise-security.co.uk/news/94526 http://www.securityfocus.com/bid/25352 http://www.securitytracker.com/id?1018685 http://www.vupen.com/english/a • CWE-20: Improper Input Validation •