CVSS: 7.5EPSS: 8%CPEs: 5EXPL: 0CVE-2007-4291
https://notcve.org/view.php?id=CVE-2007-4291
09 Aug 2007 — Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. Cisco IOS 12.0 hasta ... • http://osvdb.org/36677 •
CVSS: 7.5EPSS: 3%CPEs: 5EXPL: 0CVE-2007-4293
https://notcve.org/view.php?id=CVE-2007-4293
09 Aug 2007 — Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. Cisco IOS 12.0 hasta la 12.4 permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) a través de (1) mensajes MGCP "anómalos", también conocido como CSCsd81407, y (2) un paquete facsimile grande, también conocido como CSCej20505. • http://osvdb.org/36668 •
CVSS: 9.3EPSS: 3%CPEs: 5EXPL: 0CVE-2007-4292
https://notcve.org/view.php?id=CVE-2007-4292
09 Aug 2007 — Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249. Múltiples fugas de memoria en el Cisco IOS 12.0 hasta el 12.4 permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) a través de un paquete SIP mal formado también conocido como (1) CSCsf11855, (2) CSCeb21064, (... • http://osvdb.org/36670 •
CVSS: 9.8EPSS: 58%CPEs: 5EXPL: 2CVE-2007-4286 – Cisco IOS Next Hop Resolution Protocol (NHRP) - Denial of Service
https://notcve.org/view.php?id=CVE-2007-4286
09 Aug 2007 — Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. Un desbordamiento de búfer en la funcionalidad Next Hop Resolution Protocol (NHRP) en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes remotos causar una denegación de servicio (reinicio) y ejecutar código arbitrario por medio de un paquete NHRP especialmente diseñado. • https://www.exploit-db.com/exploits/4272 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 16%CPEs: 8EXPL: 0CVE-2007-4294
https://notcve.org/view.php?id=CVE-2007-4294
09 Aug 2007 — Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. Vulnerabilidad sin especificar en el Cisco Unified Communications Manager (CUCM) 5.0, 5.1, y 6.0 y en el IOS 12.0 hasta el 12.4, permite a atacantes remotos ejecutar código de su elección a través de un paquete SIP mal formado, también conocido como CSCsi80102. • http://osvdb.org/36693 •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2007-2587
https://notcve.org/view.php?id=CVE-2007-2587
09 May 2007 — The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 •
CVSS: 9.8EPSS: 74%CPEs: 380EXPL: 3CVE-2007-2586 – Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)
https://notcve.org/view.php?id=CVE-2007-2586
09 May 2007 — The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener ... • https://www.exploit-db.com/exploits/6155 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 3%CPEs: 25EXPL: 0CVE-2007-0917
https://notcve.org/view.php?id=CVE-2007-0917
14 Feb 2007 — The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. El Sistema de Prevención de Intrusión (IPS) para Cisco IOS 12.4XE hasta 12.3T permite a atacantes remotos evitar firmas IPS que utilizan expresiones regulares mediante paquetes fragmentados. • http://osvdb.org/33052 •
CVSS: 7.5EPSS: 5%CPEs: 25EXPL: 0CVE-2007-0918
https://notcve.org/view.php?id=CVE-2007-0918
14 Feb 2007 — The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. El motor de firmas ATOMIC.TCP en la función Intrusion Prevention System (IPS) para Cisco IOS versiones 12.4XA, 12.3YA, 12.3T y otros tr... • http://osvdb.org/33053 •
CVSS: 7.8EPSS: 4%CPEs: 53EXPL: 0CVE-2007-0648
https://notcve.org/view.php?id=CVE-2007-0648
01 Feb 2007 — Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. Cisco IOS después de las versiones 12.3(14)T, 12.3(8)YC1, 12.3(8)YG y 12.4, con soporte de voz y sin el Session Initiated Protocol (SIP) configurado, permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de un paquete manipulado al p... • http://secunia.com/advisories/23978 •