CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-3357
https://notcve.org/view.php?id=CVE-2014-3357
Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes mDNS malformados, también conocido como Bug ID CSCul90866. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns/cvrf/cisco-sa-20140924-mdns_cvrf.xml http://www.securityfocus.com/bid/70132 http://www.securitytracker.com/id/1030898 https://exchange.xforce.ibmcloud.com/vulnerabilities/96182 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 46EXPL: 0CVE-2014-3360
https://notcve.org/view.php?id=CVE-2014-3360
Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. Cisco IOS 12.4 y 15.0 hasta 15.4 y IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un mensaje SIP manipulado, también conocido como Bug ID CSCul46586. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip/cvrf/cisco-sa-20140924-sip_cvrf.xml http://www.securityfocus.com/bid/70141 http://www.securitytracker.com/id/1030897 https://exchange.xforce.ibmcloud.com/vulnerabilities/96174 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-3358
https://notcve.org/view.php?id=CVE-2014-3358
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. Fuga de información en Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga de dispositivo) a través de paquetes mDNS malformados, también conocido como Bug ID CSCuj58950. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns/cvrf/cisco-sa-20140924-mdns_cvrf.xml http://www.securityfocus.com/bid/70139 http://www.securitytracker.com/id/1030898 https://exchange.xforce.ibmcloud.com/vulnerabilities/96183 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.1EPSS: 1%CPEs: 5EXPL: 0CVE-2014-3361
https://notcve.org/view.php?id=CVE-2014-3361
The ALG module in Cisco IOS 15.0 through 15.4 does not properly implement SIP over NAT, which allows remote attackers to cause a denial of service (device reload) via multipart SDP IPv4 traffic, aka Bug ID CSCun54071. El módulo ALG en Cisco IOS 15.0 hasta 15.4 no implementa debidamente SIP sobre NAT, lo que permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de tráfico multipart SDP IPv4, también conocido como Bug ID CSCun54071. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-nat/cvrf/cisco-sa-20140924-nat_cvrf.xml http://www.securityfocus.com/bid/70129 http://www.securitytracker.com/id/1030896 https://exchange.xforce.ibmcloud.com/vulnerabilities/96181 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 34EXPL: 0CVE-2014-3359
https://notcve.org/view.php?id=CVE-2014-3359
Memory leak in Cisco IOS 15.1 through 15.4 and IOS XE 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed DHCPv6 packets, aka Bug ID CSCum90081. Fuga de información en Cisco IOS 15.1 hasta 15.4 y IOS XE 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga de dispositivo) a través de paquetes DHCPv6 malformados, también conocido como Bug ID CSCum90081. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-dhcpv6/cvrf/cisco-sa-20140924-dhcpv6_cvrf.xml http://www.securityfocus.com/bid/70140 http://www.securitytracker.com/id/1030895 https://exchange.xforce.ibmcloud.com/vulnerabilities/96177 • CWE-399: Resource Management Errors •