Page 25 of 182 results (0.009 seconds)

CVSS: 7.8EPSS: 7%CPEs: 188EXPL: 0

Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. Cisco IOS 12.4 y anteriores, cuando utilizan paquetes de cifrado y el soporte SSL está habilitado, permite a atacantes remotos provocar una denegación de servicio mediante mensajes (1) ClientHello, (2) ChangeCipherSpec, o (3) Finished durante una sesión SSL. • http://secunia.com/advisories/25361 http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml http://www.osvdb.org/35339 http://www.securityfocus.com/bid/24097 http://www.securitytracker.com/id?1018094 http://www.vupen.com/english/advisories/2007/1910 https://exchange.xforce.ibmcloud.com/vulnerabilities/34432 https://exchange.xforce.ibmcloud.com/vulnerabilities/34436 https://exchange.xforce.ibmcloud.com/vulnerabilities/34442 https://oval.cisecurity.org/repository/search/def •

CVSS: 7.8EPSS: 5%CPEs: 23EXPL: 0

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. El Sistema de Prevención de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podría permitir a atacantes remotos evadir la detección de tráfico HTTP. • http://secunia.com/advisories/25285 http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html http://www.gamasec.net/english/gs07-01.html http://www.kb.cert.org/vuls/id/739224 http://www.osvdb.org/35336 http://www.securityfocus.com/archive/1/468633/100/0/threaded http://www.securityfocus.com/bid/23980 http://www.securitytracker.com/id?1018053 http://www.securitytracker.com/id?1018054 http://www.vupen.com/english/advisories/2007/1803 https:/&#x •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.osvdb.org/35335 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce.ibmcloud.com/vulnerabilities/34196 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5444 •

CVSS: 9.3EPSS: 89%CPEs: 380EXPL: 3

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener otro impacto, incluyendo la lectura de la configuración de inicio, como es demostrado mediante un comando MKD especialmente diseñado que involucra el acceso a un dispositivo VTY y desborda un búfer, también se conoce como ID de bug CSCek55259. • https://www.exploit-db.com/exploits/6155 http://seclists.org/bugtraq/2009/Jan/0183.html http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.exploit-db.com/exploits/6155 http://www.osvdb.org/35334 http://www.securityfocus.com/archive/1/494868 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce& • CWE-863: Incorrect Authorization •

CVSS: 7.8EPSS: 5%CPEs: 253EXPL: 0

Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header. Cisco IOS permite a atacantes remotos provocar una denegación de servicio (caída) mediante una cabecera manipulada de IPv6 Type 0 Routing. • http://osvdb.org/32091 http://secunia.com/advisories/23867 http://securitytracker.com/id?1017550 http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb0fd.shtml http://www.kb.cert.org/vuls/id/274760 http://www.securityfocus.com/bid/22210 http://www.us-cert.gov/cas/techalerts/TA07-024A.html http://www.vupen.com/english/advisories/2007/0329 https://exchange.xforce.ibmcloud.com/vulnerabilities/31715 https://oval.cisecurity.org/repository/search/definition/oval%3Ao •