CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2015-0610
https://notcve.org/view.php?id=CVE-2015-0610
Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071. Condición de carrera en la característica object-group ACL en Cisco IOS 15.5(2)T y anteriores permite a atacantes remotos evadir las restricciones de acceso a través de trafico manipulado de la red que provoca el manejo incorrecto de los tiempos de la conmutación de procesos y de la conmutación de Cisco Express Forwarding (CEF), también conocido como Bug ID CSCun21071. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0610 http://tools.cisco.com/security/center/viewAlert.x?alertId=37423 http://www.securityfocus.com/bid/72565 http://www.securitytracker.com/id/1031732 https://exchange.xforce.ibmcloud.com/vulnerabilities/100807 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0CVE-2014-3293
https://notcve.org/view.php?id=CVE-2014-3293
Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sending many crafted IPv4 packets, aka Bug ID CSCuo29736. Cisco IOS 15.4(3)S0b en los dispositivos ASR901 toma decisiones incorrectas para utilizar la CPU para el procesamiento de paquetes IPv4, lo que permite a atacantes remotos causar una denegación de servicio (cambios constantes 'flapping' entre vecinos BGP) mediante el envío de muchos paquetes IPv4 manipulados, también conocido como Bug ID CSCuo29736. • http://secunia.com/advisories/61830 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3293 http://tools.cisco.com/security/center/viewAlert.x?alertId=36195 http://www.securityfocus.com/bid/70744 http://www.securitytracker.com/id/1031122 https://exchange.xforce.ibmcloud.com/vulnerabilities/97769 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-3358
https://notcve.org/view.php?id=CVE-2014-3358
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. Fuga de información en Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga de dispositivo) a través de paquetes mDNS malformados, también conocido como Bug ID CSCuj58950. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns/cvrf/cisco-sa-20140924-mdns_cvrf.xml http://www.securityfocus.com/bid/70139 http://www.securitytracker.com/id/1030898 https://exchange.xforce.ibmcloud.com/vulnerabilities/96183 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 34EXPL: 0CVE-2014-3359
https://notcve.org/view.php?id=CVE-2014-3359
Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081. Fuga de información en Cisco IOS 15.1 hasta 15.4 y IOS XE 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga de dispositivo) a través de paquetes DHCPv6 malformados, también conocido como Bug ID CSCum90081. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6/cvrf/cisco-sa-20140924-dhcpv6_cvrf.xml http://www.securityfocus.com/bid/70140 http://www.securitytracker.com/id/1030895 https://exchange.xforce.ibmcloud.com/vulnerabilities/96177 • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3361
https://notcve.org/view.php?id=CVE-2014-3361
The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071. El módulo ALG en Cisco IOS 15.0 hasta 15.4 no implementa debidamente SIP sobre NAT, lo que permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de tráfico multipart SDP IPv4, también conocido como Bug ID CSCun54071. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat/cvrf/cisco-sa-20140924-nat_cvrf.xml http://www.securityfocus.com/bid/70129 http://www.securitytracker.com/id/1030896 https://exchange.xforce.ibmcloud.com/vulnerabilities/96181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •