Page 46 of 282 results (0.004 seconds)

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. Vulnerabilidad no especificada en el lado de servidor de la implementación de Secure Copy (SCP) de Cisco IOS basado en 12.2 permite a usuarios autenticados remotamente leer, escribir o sobrescribir cualquier archivo en el sistema de ficheros del dispositivo mediante vectores no especificados. • http://osvdb.org/36694 http://secunia.com/advisories/26361 http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtml http://www.securityfocus.com/bid/25240 http://www.securitytracker.com/id?1018534 http://www.vupen.com/english/advisories/2007/2817 https://exchange.xforce.ibmcloud.com/vulnerabilities/35872 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5542 •

CVSS: 7.8EPSS: 7%CPEs: 188EXPL: 0

Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. Cisco IOS 12.4 y anteriores, cuando utilizan paquetes de cifrado y el soporte SSL está habilitado, permite a atacantes remotos provocar una denegación de servicio mediante mensajes (1) ClientHello, (2) ChangeCipherSpec, o (3) Finished durante una sesión SSL. • http://secunia.com/advisories/25361 http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml http://www.osvdb.org/35339 http://www.securityfocus.com/bid/24097 http://www.securitytracker.com/id?1018094 http://www.vupen.com/english/advisories/2007/1910 https://exchange.xforce.ibmcloud.com/vulnerabilities/34432 https://exchange.xforce.ibmcloud.com/vulnerabilities/34436 https://exchange.xforce.ibmcloud.com/vulnerabilities/34442 https://oval.cisecurity.org/repository/search/def •

CVSS: 7.8EPSS: 5%CPEs: 23EXPL: 0

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. El Sistema de Prevención de Intrusiones (Intrusion Prevention System o IPS) de Cisco e IOS con el juego de funcionalidades Firewall/IPS no maneja adecuadamente determinadas codificaciones de caracteres Unicode de ancho completo y medio, lo cual podría permitir a atacantes remotos evadir la detección de tráfico HTTP. • http://secunia.com/advisories/25285 http://www.cisco.com/en/US/products/products_security_response09186a008083f82e.html http://www.gamasec.net/english/gs07-01.html http://www.kb.cert.org/vuls/id/739224 http://www.osvdb.org/35336 http://www.securityfocus.com/archive/1/468633/100/0/threaded http://www.securityfocus.com/bid/23980 http://www.securitytracker.com/id?1018053 http://www.securitytracker.com/id?1018054 http://www.vupen.com/english/advisories/2007/1803 https:/&#x •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.osvdb.org/35335 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce.ibmcloud.com/vulnerabilities/34196 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5444 •

CVSS: 9.3EPSS: 89%CPEs: 380EXPL: 3

The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener otro impacto, incluyendo la lectura de la configuración de inicio, como es demostrado mediante un comando MKD especialmente diseñado que involucra el acceso a un dispositivo VTY y desborda un búfer, también se conoce como ID de bug CSCek55259. • https://www.exploit-db.com/exploits/6155 http://seclists.org/bugtraq/2009/Jan/0183.html http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.exploit-db.com/exploits/6155 http://www.osvdb.org/35334 http://www.securityfocus.com/archive/1/494868 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce& • CWE-863: Incorrect Authorization •