Page 27 of 179 results (0.004 seconds)

CVSS: 7.8EPSS: 8%CPEs: 2EXPL: 0

CVE-2006-4775

https://notcve.org/view.php?id=CVE-2006-4775

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. El VLAN Trunking Protocol (VTP) característico en Cisco IOS 12.1(19) y CatOS permite a un atacante remoto provocar una denegación de servicio con el envío de una actualización de VTP con un valor de revisión de 0x7FFFFFFF, el cual se incrementa a 0x80000000 y es interpretado como un número negativo en un contexto de señales. • http://secunia.com/advisories/21896 http://secunia.com/advisories/21902 http://securitytracker.com/id?1016843 http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml http://www.kb.cert.org/vuls/id/175148 http://www.osvdb.org/28776 http://www.phenoelit.de/stuff/CiscoVTP.txt http://www.securityfocus.com/archive/1/445896/100/0/threaded http://www.securityfocus.com/archive/1/445938/100/0/threaded http://www.securityfocus.com/bid/19998 http://www.vupen& • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0

CVE-2006-4774

https://notcve.org/view.php?id=CVE-2006-4774

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. El VLAN Trunking Protocol (VTP) característico en Cisco IOS 12.1(19) permite a un atacante remoto provocar una denegación de servicio a través del envio de una versión de VTP 1 marco resumen con un valor del campo de la versión de VTP de 2. • http://secunia.com/advisories/21896 http://securitytracker.com/id?1016843 http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml http://www.kb.cert.org/vuls/id/821420 http://www.osvdb.org/28775 http://www.phenoelit.de/stuff/CiscoVTP.txt http://www.securityfocus.com/archive/1/445896/100/0/threaded http://www.securityfocus.com/archive/1/445938/100/0/threaded http://www.securityfocus.com/bid/19998 http://www.vupen.com/english/advisories/2006/3600 https&# • CWE-399: Resource Management Errors •

CVSS: 2.6EPSS: 12%CPEs: 3EXPL: 0

CVE-2006-4650

https://notcve.org/view.php?id=CVE-2006-4650

Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. Cisco IOS 12.0, 12.1, y 12.2, cuando la tunelación GRE IP esta siendo usada y falta la conformidad RFC2784, no verifica el campo offset de un paquete GRE durante su encapsulación, lo cauls lleva a un desbordamiento de enteros que referencia datos desde localizaciones de memoria incorrectas, lo cual permite a un atacante remoto inyectar paquetes artesanales dentro de la cola de enrutamiento, posiblemente evitando la ACLs del router previsto. • http://secunia.com/advisories/21783 http://securityreason.com/securityalert/1526 http://securitytracker.com/id?1016799 http://www.cisco.com/en/US/tech/tk827/tk369/tsd_technology_security_response09186a008072cd7b.html http://www.osvdb.org/28590 http://www.phenoelit.de/stuff/CiscoGRE.txt http://www.securityfocus.com/archive/1/445322/100/0/threaded http://www.securityfocus.com/bid/19878 http://www.vupen.com/english/advisories/2006/3502 https://exchange.xforce.ibmcloud.com/vulnerabilities •

CVSS: 4.6EPSS: 0%CPEs: 130EXPL: 0

CVE-2006-0485

https://notcve.org/view.php?id=CVE-2006-0485

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. • http://secunia.com/advisories/18613 http://securitytracker.com/id?1015543 http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml http://www.osvdb.org/34892 http://www.securityfocus.com/bid/16383 http://www.vupen.com/english/advisories/2006/0337 https://exchange.xforce.ibmcloud.com/vulnerabilities/24308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5836 •

CVSS: 7.1EPSS: 3%CPEs: 108EXPL: 0

CVE-2006-0340

https://notcve.org/view.php?id=CVE-2006-0340

Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. • http://secunia.com/advisories/18490 http://securityreason.com/securityalert/358 http://securitytracker.com/id?1015501 http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml http://www.osvdb.org/22624 http://www.securityfocus.com/bid/16303 http://www.vupen.com/english/advisories/2006/0248 https://exchange.xforce.ibmcloud.com/vulnerabilities/24182 • CWE-20: Improper Input Validation •