CVE-2009-0629
https://notcve.org/view.php?id=CVE-2009-0629
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets. Las funcionalidades (1) Airline Product Set (conocido como ALPS), (2) Serial Tunnel Code (conocido como STUN), (3) Block Serial Tunnel Code (conocido como BSTUN), (4) soporte para Native Client Interface Architecture (NCIA), (5) Data-link switching (conocido como DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 para Record Boundary Preservation (RBP), (9) X.25 sobre TCP (XOT), y (10) X.25 Routing en Cisco IOS v12.2 hasta 12.4 permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) mediante una serie de paquetes TCP manipulados. • http://secunia.com/advisories/34438 http://securitytracker.com/id?1021903 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904cb.shtml http://www.securityfocus.com/bid/34238 http://www.vupen.com/english/advisories/2009/0851 https://exchange.xforce.ibmcloud.com/vulnerabilities/49420 •
CVE-2009-0637
https://notcve.org/view.php?id=CVE-2009-0637
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command. El servidor SCP en Cisco IOS v12.2 hasta la versión v12.4, cuando se ha habilitado el acceso CLI basado en roles, no refuerza la configuración de la visualización CLI para transferencias de ficheros, permitiendo a atacantes remotos autenticados con una vista CLI adjunta (1) leer o (2) sobreescribir ficheros de su elección mediante un comando SCP. • http://secunia.com/advisories/34438 http://securitytracker.com/id?1021899 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c8.shtml http://www.securityfocus.com/bid/34247 http://www.vupen.com/english/advisories/2009/0851 https://exchange.xforce.ibmcloud.com/vulnerabilities/49423 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-3821 – Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3821
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el servidor HTTP en Cisco IOS v11.0 hasta v12.4, permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante (1) la cadena query al programa ping o (2) otros aspectos no especificados de una URI. • https://www.exploit-db.com/exploits/32723 http://jvn.jp/en/jp/JVN28344798/index.html http://osvdb.org/51393 http://osvdb.org/51394 http://secunia.com/advisories/33461 http://securityreason.com/securityalert/4916 http://securitytracker.com/id?1021598 http://www.cisco.com/en/US/products/products_security_response09186a0080a5c501.html http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr08-19 http://www.securityfocus.com/archive/1/500063/100/0/threaded http://www.securi • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, permite a atacantes remotos provocar una denegación de servicio (agotamiento de cola de conexión) a través de múltiples vectores que manipulan información en la tabla de estados del TCP, como lo demuestra sockstress. • http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni • CWE-16: Configuration •
CVE-2008-3806
https://notcve.org/view.php?id=CVE-2008-3806
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. En Cisco IOS v12.0 a la v12.4 en Cisco 10000, los paquetes externos del UDP del manejador de dispositivos de la serie uBR10012 y uBR7200 que se envían a las direcciones 127.0.0.0 /8 pensados para comunicación IPC dentro del dispositivo, permite que los atacantes remotos causen una denegación del servicio (reinicio del dispositivo o del linecard) a través de paquetes del UDP manipulados, una vulnerabilidad distinta de CVE-2008-3805. • http://secunia.com/advisories/31990 http://tools.cisco.com/security/center/viewAlert.x?alertId=16646 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014ae.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/45592 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7123 •