CVE-2016-6415 – Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-6415
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. La implementación del servidor IKEv1 en Cisco IOS 12.2 hasta la versión 12.4 y 15.0 hasta la versión 15.6, IOS XE hasta la versión 3.18S, IOS XR 4.3.x y 5.0.x hasta la versión 5.2.x y PIX en versiones anteriores a 7.0 permite a atacantes remotos obtener información sensible de la memoria del dispositivo a través de una petición de negociación Security Association (SA), vulnerabilidad también conocida como Bug IDs CSCvb29204 y CSCvb36055 o BENIGNCERTAIN. Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure. • https://www.exploit-db.com/exploits/43383 https://github.com/3ndG4me/CVE-2016-6415-BenignCertain-Monitor http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160916-ikev1 http://www.securityfocus.com/bid/93003 http://www.securitytracker.com/id/1036841 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-1459
https://notcve.org/view.php?id=CVE-2016-1459
Cisco IOS 12.4 and 15.0 through 15.5 and IOS XE 3.13 through 3.17 allow remote authenticated users to cause a denial of service (device reload) via crafted attributes in a BGP message, aka Bug ID CSCuz21061. Cisco IOS 12.4 y 15.0 hasta la versión 15.5 y IOS XE 3.13 hasta la versión 3.17 permiten a usuarios remotos autenticados provocar una denegación de servicio (reinicio de dispositivo) a través de atributos manipulados en un mensaje BGP, también conocido como Bug ID CSCuz21061. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160715-bgp http://www.securityfocus.com/bid/91800 http://www.securitytracker.com/id/1036321 • CWE-399: Resource Management Errors •
CVE-2016-1409
https://notcve.org/view.php?id=CVE-2016-1409
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. El protocolo de implementación Neighbor Discovery (ND) en la pila IPv6 en Cisco IOS XE 2.1 hasta la versión 3.17S, IOS XR 2.0.0 hasta la versión 5.3.2 y NX-OS permite a atacantes remotos provocar una denegación de servicio (interrupción de procesado de paquetes) a través de mensajes ND manipulados, también conocido como Bug ID CSCuz66542, tal como se ha explotado activamente en mayo de 2016. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6 http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160824-01-ipv6-en http://www.securityfocus.com/bid/90872 http://www.securitytracker.com/id/1035962 http://www.securitytracker.com/id/1035963 http://www.securitytracker.com/id/1035964 http://www.securitytracker.com/id/1035965 http://www.securitytracker.com/id/1036651 • CWE-20: Improper Input Validation •
CVE-2016-1384
https://notcve.org/view.php?id=CVE-2016-1384
The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898. La implementación NTP en Cisco IOS 15.1 y 15.5 y IOS XE 3.2 hasta la versión 3.17 permite a atacantes remotos modicar el tiempo del sistema a través de paquetes manipulados, también conocido como Bug ID CSCux46898. • http://www.securityfocus.com/bid/86685 http://www.securitytracker.com/id/1035622 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-6360 – libsrtp: improper handling of CSRC count and extension header length in RTP header
https://notcve.org/view.php?id=CVE-2015-6360
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. La característica de procesado de cifrado en Cisco libSRTP en versiones anteriores a 1.5.3 permite a atacantes remotos provocar una denegación de servicio a través de campos manipulados en paquetes SRTP, también conocida como Bug ID CSCux00686. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp http://www.debian.org/security/2016/dsa-3539 http://www.securitytracker.com/id/1035636 http://www.securitytracker.com/id/1035637 http://www.securitytracker.com/id/1035648 http://www.securitytracker.com/id/1035649 http://www.securitytracker.com/id/1035650 http://www.securitytracker.com/id/1035651 http://www.securitytracker.com/id/1035652 https://access.redhat.com/security/cve/CVE-2015-6360 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •