CVE-2007-2587
https://notcve.org/view.php?id=CVE-2007-2587
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.osvdb.org/35335 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce.ibmcloud.com/vulnerabilities/34196 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5444 •
CVE-2007-2586 – Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)
https://notcve.org/view.php?id=CVE-2007-2586
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener otro impacto, incluyendo la lectura de la configuración de inicio, como es demostrado mediante un comando MKD especialmente diseñado que involucra el acceso a un dispositivo VTY y desborda un búfer, también se conoce como ID de bug CSCek55259. • https://www.exploit-db.com/exploits/6155 http://seclists.org/bugtraq/2009/Jan/0183.html http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.exploit-db.com/exploits/6155 http://www.osvdb.org/35334 http://www.securityfocus.com/archive/1/494868 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce& • CWE-863: Incorrect Authorization •
CVE-2007-0648
https://notcve.org/view.php?id=CVE-2007-0648
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. Cisco IOS después de las versiones 12.3(14)T, 12.3(8)YC1, 12.3(8)YG y 12.4, con soporte de voz y sin el Session Initiated Protocol (SIP) configurado, permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de un paquete manipulado al puerto 5060/UDP. • http://secunia.com/advisories/23978 http://securitytracker.com/id?1017575 http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml http://www.kb.cert.org/vuls/id/438176 http://www.securityfocus.com/bid/22330 http://www.vupen.com/english/advisories/2007/0428 https://exchange.xforce.ibmcloud.com/vulnerabilities/31990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5138 •
CVE-2007-0481
https://notcve.org/view.php?id=CVE-2007-0481
Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header. Cisco IOS permite a atacantes remotos provocar una denegación de servicio (caída) mediante una cabecera manipulada de IPv6 Type 0 Routing. • http://osvdb.org/32091 http://secunia.com/advisories/23867 http://securitytracker.com/id?1017550 http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb0fd.shtml http://www.kb.cert.org/vuls/id/274760 http://www.securityfocus.com/bid/22210 http://www.us-cert.gov/cas/techalerts/TA07-024A.html http://www.vupen.com/english/advisories/2007/0329 https://exchange.xforce.ibmcloud.com/vulnerabilities/31715 https://oval.cisecurity.org/repository/search/definition/oval%3Ao •
CVE-2007-0480
https://notcve.org/view.php?id=CVE-2007-0480
Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet. Cisco IOS 9.x, 10.x, 11.x y 12.x y IOS XR 2.0.x, 3.0.x y 3.2.x permite a atacantes remotos provocar una denegación de servicio o ejecutar código de su elección mediante la manipulación de la opción IP en la cabecera IP de los paquetes 1) ICMP, (2) PIMv2, (3) PGM o (4) URD. • http://osvdb.org/32092 http://secunia.com/advisories/23867 http://securitytracker.com/id?1017555 http://www.cisco.com/en/US/products/products_security_advisory09186a00807cb157.shtml http://www.kb.cert.org/vuls/id/341288 http://www.securityfocus.com/bid/22211 http://www.us-cert.gov/cas/techalerts/TA07-024A.html http://www.vupen.com/english/advisories/2007/0329 https://exchange.xforce.ibmcloud.com/vulnerabilities/31725 https://oval.cisecurity.org/repository/search/definition/oval%3Ao •