NotCVE - vendor:"Cisco" product:"Ios" version:"12.4\(4\)xc1"

Page 25 of 281 results (0.029 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

CVE-2009-0470 – Cisco IOS 12.4(23) - HTTP Server Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2009-0470

06 Feb 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el servidor HTTP en Cisco IOS v12.4(23) permite a atacantes remotos inyectar secuencias de comando web o HTML de su elección a través de PATH_INFO a la ... • https://www.exploit-db.com/exploits/32776 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 2%CPEs: 284EXPL: 2

CVE-2008-3821 – Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2008-3821

16 Jan 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el servidor HTTP en Cisco IOS v11.0 hasta v12.4, permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante (1) la cadena query al programa ... • https://www.exploit-db.com/exploits/32723 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 1%CPEs: 2049EXPL: 1

CVE-2008-4609

https://notcve.org/view.php?id=CVE-2008-4609

20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2008-3799

https://notcve.org/view.php?id=CVE-2008-3799

26 Sep 2008 — Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. Fuga de memoria en la implementación de la Session Initiation Protocol (SIP) en Cisco IOS v12.2 a la v12.4, cuando VoIP está configurada, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y parada del servicio de voz) ... • http://secunia.com/advisories/31990 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.8EPSS: 1%CPEs: 252EXPL: 0

CVE-2008-3808

https://notcve.org/view.php?id=CVE-2008-3808

26 Sep 2008 — Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. Vulnerabilidad no especificada en Cisco IOS v12.0, permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) a través del paquete del Protocolo Multidifusión Independiente (PIM) manipulado. • http://secunia.com/advisories/31990 •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2008-3813

https://notcve.org/view.php?id=CVE-2008-3813

26 Sep 2008 — Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. Vulnerabilidad no especificada en Cisco IOS v12.2 y v12.4. Cuando está habilitado el proceso de demonio del L2TP (Layer 2 Tunneling Protocol) mgmt permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) a través un paquete L2TP manipulado. • http://secunia.com/advisories/31990 •

CVSS: 7.5EPSS: 0%CPEs: 85EXPL: 0

CVE-2008-3802

https://notcve.org/view.php?id=CVE-2008-3802

26 Sep 2008 — Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801. Vulnerabilidad sin especificar en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4, cuando está configurada la VoIP, permite a atacantes remot... • http://secunia.com/advisories/31990 •

CVSS: 8.5EPSS: 1%CPEs: 11EXPL: 0

CVE-2008-3806

https://notcve.org/view.php?id=CVE-2008-3806

26 Sep 2008 — Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. En Cisco IOS v12.0 a la v12.4 en Cisco 10000, los paquetes externos del UDP del manejador de dispositivos de la serie uBR10012 y uBR7200 que se envían a las... • http://secunia.com/advisories/31990 •

CVSS: 7.5EPSS: 8%CPEs: 10EXPL: 0

CVE-2008-3801

https://notcve.org/view.php?id=CVE-2008-3801

26 Sep 2008 — Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. Vulnerabilidad no especificada en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12... • http://secunia.com/advisories/31990 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2008-3804

https://notcve.org/view.php?id=CVE-2008-3804

26 Sep 2008 — Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. Vulnerabilidad sin especificar en el Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) en Cisco IOS v12.2 y v12.4, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) a través de paquetes manipula... • http://secunia.com/advisories/31990 •

1...23 24 25 26 27