CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0586
https://notcve.org/view.php?id=CVE-2015-0586
The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR process hang) via IPv4 packets, aka Bug ID CSCuo73682. La implementación del protocolo Network-Based Application Recognition (NBAR) en Cisco IOS 15.3(100)M y anteriores en los dispositivos de Cisco 2900 Integrated Services Router (también conocido como Cisco Internet Router) permite a atacantes remotos causar una denegación de servicio (cuelgue de los procesos de NBAR) a través de paquetes IPv4, también conocido como Bug ID CSCuo73682. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0586 http://tools.cisco.com/security/center/viewAlert.x?alertId=37171 http://www.securityfocus.com/bid/72309 http://www.securitytracker.com/id/1031659 https://exchange.xforce.ibmcloud.com/vulnerabilities/100660 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-3357
https://notcve.org/view.php?id=CVE-2014-3357
Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de paquetes mDNS malformados, también conocido como Bug ID CSCul90866. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns/cvrf/cisco-sa-20140924-mdns_cvrf.xml http://www.securityfocus.com/bid/70132 http://www.securitytracker.com/id/1030898 https://exchange.xforce.ibmcloud.com/vulnerabilities/96182 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 46EXPL: 0CVE-2014-3360
https://notcve.org/view.php?id=CVE-2014-3360
Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. Cisco IOS 12.4 y 15.0 hasta 15.4 y IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, y 3.7.xS anterior a 3.7.6S; 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S; y 3.11.xS anterior a 3.12S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un mensaje SIP manipulado, también conocido como Bug ID CSCul46586. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-sip/cvrf/cisco-sa-20140924-sip_cvrf.xml http://www.securityfocus.com/bid/70141 http://www.securitytracker.com/id/1030897 https://exchange.xforce.ibmcloud.com/vulnerabilities/96174 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 0CVE-2014-3358
https://notcve.org/view.php?id=CVE-2014-3358
Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. Fuga de información en Cisco IOS 15.0, 15.1, 15.2, y 15.4 y IOS XE 3.3.xSE anterior a 3.3.2SE, 3.3.xXO anterior a 3.3.1XO, 3.5.xE anterior a 3.5.2E, y 3.11.xS anterior a 3.11.1S permite a atacantes remotos causar una denegación de servicio (consumo de memoria o recarga de dispositivo) a través de paquetes mDNS malformados, también conocido como Bug ID CSCuj58950. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-mdns/cvrf/cisco-sa-20140924-mdns_cvrf.xml http://www.securityfocus.com/bid/70139 http://www.securitytracker.com/id/1030898 https://exchange.xforce.ibmcloud.com/vulnerabilities/96183 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 2%CPEs: 131EXPL: 0CVE-2014-3354
https://notcve.org/view.php?id=CVE-2014-3354
Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547. Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, y 15.3 y IOS XE 2.x y 3.x anterior a 3.7.4S; 3.2.xSE y 3.3.xSE anterior a 3.3.2SE; 3.3.xSG y 3.4.xSG anterior a 3.4.4SG; y 3.8.xS, 3.9.xS, y 3.10.xS anterior a 3.10.1S permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de mensajes RSVP malformados, también conocido como Bug ID CSCui11547. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140924-rsvp/cvrf/cisco-sa-20140924-rsvp_cvrf.xml http://www.securityfocus.com/bid/70131 http://www.securityfocus.com/bid/70183 http://www.securitytracker.com/id/1030893 https://exchange.xforce.ibmcloud.com/vulnerabilities/96178 • CWE-20: Improper Input Validation •