CVSS: 9.8EPSS: 16%CPEs: 8EXPL: 0CVE-2007-4294
https://notcve.org/view.php?id=CVE-2007-4294
09 Aug 2007 — Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. Vulnerabilidad sin especificar en el Cisco Unified Communications Manager (CUCM) 5.0, 5.1, y 6.0 y en el IOS 12.0 hasta el 12.4, permite a atacantes remotos ejecutar código de su elección a través de un paquete SIP mal formado, también conocido como CSCsi80102. • http://osvdb.org/36693 •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4263
https://notcve.org/view.php?id=CVE-2007-4263
08 Aug 2007 — Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. Vulnerabilidad no especificada en el lado de servidor de la implementación de Secure Copy (SCP) de Cisco IOS basado en 12.2 permite a usuarios autenticados remotamente leer, escribir o sobrescribir cualquier archivo en el sistema de ficheros del dispositivo mediante vectores no espec... • http://osvdb.org/36694 •
CVSS: 7.8EPSS: 6%CPEs: 23EXPL: 0CVE-2007-2688
https://notcve.org/view.php?id=CVE-2007-2688
16 May 2007 — The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. El Sistema de Prevención de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podría permitir a atacantes ... • http://secunia.com/advisories/25285 •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2007-2587
https://notcve.org/view.php?id=CVE-2007-2587
09 May 2007 — The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 •
CVSS: 9.8EPSS: 74%CPEs: 380EXPL: 3CVE-2007-2586 – Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)
https://notcve.org/view.php?id=CVE-2007-2586
09 May 2007 — The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener ... • https://www.exploit-db.com/exploits/6155 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2007-1258
https://notcve.org/view.php?id=CVE-2007-1258
03 Mar 2007 — Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. Vulnerabilidad no especificada en Cisco IOS 12.2SXA, SXB, SXD, and SXF; y el MSFC2, MSFC2a y MSFC3 corriendo en Modo Híbrido en Cisco Catalyst 6000, 6500 y Cisco 7600 series systems; permite a atacantes re... • http://osvdb.org/33067 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2007-0199
https://notcve.org/view.php?id=CVE-2007-0199
11 Jan 2007 — The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." La propiedad Data-link Switching (DLSw) en Cisco IOS 11.0 hata 12.4 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) mediante "un valor inválido en un mensaje DLSw... durante el intercambio de habilidades". • http://osvdb.org/32683 •
CVSS: 10.0EPSS: 3%CPEs: 228EXPL: 0CVE-2006-4950
https://notcve.org/view.php?id=CVE-2006-4950
23 Sep 2006 — Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. Cisco IOS 12.2 hasta 12.4 anteriores al 20/09/2006, usados por Cisco IAD2430, IAD2431, y IAD2432 Integrated A... • http://secunia.com/advisories/21974 •
CVSS: 9.1EPSS: 11%CPEs: 3EXPL: 0CVE-2006-4650
https://notcve.org/view.php?id=CVE-2006-4650
09 Sep 2006 — Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. Cisco IOS 12.0, 12.1, y 12.2, cuando la tunelación GRE IP esta siendo usada y falta la conformidad RFC2784, no verifica el ... • http://secunia.com/advisories/21783 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-0486
https://notcve.org/view.php?id=CVE-2006-0486
01 Feb 2006 — Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. • http://secunia.com/advisories/18613 •