CVSS: 9.0EPSS: 2%CPEs: 4EXPL: 0CVE-2007-4285
https://notcve.org/view.php?id=CVE-2007-4285
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. Una vulnerabilidad no especificada en Cisco IOS y Cisco IOS XR versiones 12.x hasta 12.3, incluyendo algunas versiones anteriores a 12.3(15) y 12.3(14)T, permite a atacantes remotos obtener información confidencial (contenido del paquete parcial) o causar una denegación de servicio (bloqueo de router o componente) por medio de paquetes IPv6 diseñados con un encabezado de enrutamiento Type 0. • http://secunia.com/advisories/26359 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml http://www.securitytracker.com/id?1018542 http://www.vupen.com/english/advisories/2007/2819 https://exchange.xforce.ibmcloud.com/vulnerabilities/35906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5840 •
CVSS: 7.1EPSS: 10%CPEs: 5EXPL: 0CVE-2007-4291
https://notcve.org/view.php?id=CVE-2007-4291
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. Cisco IOS 12.0 hasta 12.4 permite a atacantes remotos provocar una denegación de servicio mediante (1) un paquete MGCP mal formado, que provoca un cuelgue de dispositivo, también conocido como CSCsf08998; un paquete H.323 mal formado que causa una caída de dispositivo, como se identificó en (2) CSCsi60004 con Proxy Unregistration y (3) CSCsg70474; y un paquete Real-time Transport Protocol (RTP) mal formado, que provoca una caída de dispositivo, como se identificó en (4) CSCse68138, relativo a VOIP RTP Lib, y (5) CSCse05642, relativo a corrupción de memoria de E/S. • http://osvdb.org/36677 http://osvdb.org/36678 http://osvdb.org/36679 http://osvdb.org/36680 http://osvdb.org/36681 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://exchange.xforce.ibmcloud.com/vulnerabilities/35903 https://exchange.xforce.ibmcloud.com/vulnerabilities/35904 h •
CVSS: 6.8EPSS: 13%CPEs: 5EXPL: 0CVE-2007-4295
https://notcve.org/view.php?id=CVE-2007-4295
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. Vulnerabilidad sin especificar en el Cisco IOS 12.0 hasta la 12.4 permite a atacantes remotos ejecutar código de su elección a través de paquetes SIP mal formados, también conocido como CSCsi80749. • http://osvdb.org/36667 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075 •
CVSS: 9.3EPSS: 3%CPEs: 5EXPL: 0CVE-2007-4292
https://notcve.org/view.php?id=CVE-2007-4292
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249. Múltiples fugas de memoria en el Cisco IOS 12.0 hasta el 12.4 permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) a través de un paquete SIP mal formado también conocido como (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007 y (7) CSCsc60249. • http://osvdb.org/36670 http://osvdb.org/36671 http://osvdb.org/36672 http://osvdb.org/36673 http://osvdb.org/36674 http://osvdb.org/36675 http://osvdb.org/36676 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://exchange.xforce.ibmcloud.com/vulnerabilities/35890 •
CVSS: 7.8EPSS: 5%CPEs: 23EXPL: 0CVE-2007-2688
https://notcve.org/view.php?id=CVE-2007-2688
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. El Sistema de Prevención de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podría permitir a atacantes remotos evadir la detección de tráfico HTTP. • http://secunia.com/advisories/25285 http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html http://www.gamasec.net/english/gs07-01.html http://www.kb.cert.org/vuls/id/739224 http://www.osvdb.org/35336 http://www.securityfocus.com/archive/1/468633/100/0/threaded http://www.securityfocus.com/bid/23980 http://www.securitytracker.com/id?1018053 http://www.securitytracker.com/id?1018054 http://www.vupen.com/english/advisories/2007/1803 https:/&#x •