CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-2587
https://notcve.org/view.php?id=CVE-2007-2587
09 May 2007 — The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 •
CVSS: 9.8EPSS: 55%CPEs: 380EXPL: 3CVE-2007-2586 – Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)
https://notcve.org/view.php?id=CVE-2007-2586
09 May 2007 — The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener ... • https://www.exploit-db.com/exploits/6155 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 2%CPEs: 25EXPL: 0CVE-2007-0918
https://notcve.org/view.php?id=CVE-2007-0918
14 Feb 2007 — The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. El motor de firmas ATOMIC.TCP en la función Intrusion Prevention System (IPS) para Cisco IOS versiones 12.4XA, 12.3YA, 12.3T y otros tr... • http://osvdb.org/33053 •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2007-0917
https://notcve.org/view.php?id=CVE-2007-0917
14 Feb 2007 — The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. El Sistema de Prevención de Intrusión (IPS) para Cisco IOS 12.4XE hasta 12.3T permite a atacantes remotos evitar firmas IPS que utilizan expresiones regulares mediante paquetes fragmentados. • http://osvdb.org/33052 •
CVSS: 7.8EPSS: 2%CPEs: 53EXPL: 0CVE-2007-0648
https://notcve.org/view.php?id=CVE-2007-0648
01 Feb 2007 — Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. Cisco IOS después de las versiones 12.3(14)T, 12.3(8)YC1, 12.3(8)YG y 12.4, con soporte de voz y sin el Session Initiated Protocol (SIP) configurado, permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de un paquete manipulado al p... • http://secunia.com/advisories/23978 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2007-0199
https://notcve.org/view.php?id=CVE-2007-0199
11 Jan 2007 — The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." La propiedad Data-link Switching (DLSw) en Cisco IOS 11.0 hata 12.4 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) mediante "un valor inválido en un mensaje DLSw... durante el intercambio de habilidades". • http://osvdb.org/32683 •
CVSS: 10.0EPSS: 3%CPEs: 228EXPL: 0CVE-2006-4950
https://notcve.org/view.php?id=CVE-2006-4950
23 Sep 2006 — Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. Cisco IOS 12.2 hasta 12.4 anteriores al 20/09/2006, usados por Cisco IAD2430, IAD2431, y IAD2432 Integrated A... • http://secunia.com/advisories/21974 •
CVSS: 7.8EPSS: 0%CPEs: 130EXPL: 0CVE-2006-0485
https://notcve.org/view.php?id=CVE-2006-0485
01 Feb 2006 — The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. • http://secunia.com/advisories/18613 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-0486
https://notcve.org/view.php?id=CVE-2006-0486
01 Feb 2006 — Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. • http://secunia.com/advisories/18613 •
CVSS: 7.5EPSS: 3%CPEs: 108EXPL: 0CVE-2006-0340
https://notcve.org/view.php?id=CVE-2006-0340
21 Jan 2006 — Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. • http://secunia.com/advisories/18490 • CWE-20: Improper Input Validation •