CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2013-5472
https://notcve.org/view.php?id=CVE-2013-5472
27 Sep 2013 — The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. La implementación NTP en Cisco IOS 12.0 hasta 12.4 y 15.0 hasta 15.1, e IOS XE 2.1 hasta 3.3, no maneja apropiadamente la encapsulación de paquetes multicast NTP en los mensajes M... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5474
https://notcve.org/view.php?id=CVE-2013-5474
27 Sep 2013 — Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812. Condición de carrera en la implementación de IPv6 virtual fragmentation reassembly (VFR) en Cisco IOS 12.2 hasta 12.4 y 15.0 hasta 15.3 permite a un atacante remoto causar una denegación de servicio (recarga o cuelgue de dispositivo) a través de paq... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ipv6vfr • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2013-5475
https://notcve.org/view.php?id=CVE-2013-5475
27 Sep 2013 — Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561. Cisco IOS 12.2 hasta 12.4 y 15.0 hasta 15.3, y IOS XE 2.1 hasta 3.9, permite a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través depaquetes DHCP manipulados que son procesados localmente por un (1) servidor o (2) age... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-dhcp • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 566EXPL: 0CVE-2013-0149
https://notcve.org/view.php?id=CVE-2013-0149
03 Aug 2013 — The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSC... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1143
https://notcve.org/view.php?id=CVE-2013-1143
28 Mar 2013 — The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. La implementación del protocolo RSVP en Cisco IOS 12.2 y 15.0 a la 15.2 e IOS XE 3.1.xS a la 3.4.xS anteior a 3.4.5S y 3.5.xS a la 3.7.xS anterior a... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-rsvp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2013-1145
https://notcve.org/view.php?id=CVE-2013-1145
28 Mar 2013 — Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174. Fuga de memoria en Cisco IOS 12.2, 12.4, 15.0 y 15.1, cuando está activada la capa de aplicación de puerta de enlace de inspección, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria o reinicio de di... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-cce • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-1142
https://notcve.org/view.php?id=CVE-2013-1142
28 Mar 2013 — Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745. Condición de carrera en la funcionalidad VRF-Aware NAT en Cisco IOS 12.2 a la 12.4 y 15.0 a la 15.2, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de paquetes IPv4. Aka Bug IDs CSCtg47129 y CSCtz96745. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-nat • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1144
https://notcve.org/view.php?id=CVE-2013-1144
28 Mar 2013 — Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055. Fuga de memoria en la implementación IKEv1 en Cisco IOS 15.1, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de paquetes IKE (1) IPv4 o (2) IPv6 no especificados. Aka Bug ID CSCth81055. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-ike • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2013-1147
https://notcve.org/view.php?id=CVE-2013-1147
28 Mar 2013 — The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999. La funcionalidad Protocol Translation (PT) en Cisco IOS v12.3 hasta v12.4 y 15.0 hasta 15.3, cuando estan configuradas una traduccion one-s... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-pt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0CVE-2013-1146 – Cisco IOS Smart Install Configuration File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-1146
28 Mar 2013 — The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. La funcionalidad Smart Install del cliente de Cisco IOS v12.2 y v15.0 hasta v15.3 en los switches Catalyst permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) a través de una lista de parámetros imagen en los paquetes de Sm... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130327-smartinstall • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •