CVSS: 6.8EPSS: 13%CPEs: 8EXPL: 0CVE-2007-4294
https://notcve.org/view.php?id=CVE-2007-4294
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. Vulnerabilidad sin especificar en el Cisco Unified Communications Manager (CUCM) 5.0, 5.1, y 6.0 y en el IOS 12.0 hasta el 12.4, permite a atacantes remotos ejecutar código de su elección a través de un paquete SIP mal formado, también conocido como CSCsi80102. • http://osvdb.org/36693 http://secunia.com/advisories/26362 http://securitytracker.com/id?1018538 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5851 •
CVSS: 7.8EPSS: 7%CPEs: 188EXPL: 0CVE-2007-2813
https://notcve.org/view.php?id=CVE-2007-2813
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. Cisco IOS 12.4 y anteriores, cuando utilizan paquetes de cifrado y el soporte SSL está habilitado, permite a atacantes remotos provocar una denegación de servicio mediante mensajes (1) ClientHello, (2) ChangeCipherSpec, o (3) Finished durante una sesión SSL. • http://secunia.com/advisories/25361 http://www.cisco.com/en/US/products/products_security_advisory09186a0080847c49.shtml http://www.osvdb.org/35339 http://www.securityfocus.com/bid/24097 http://www.securitytracker.com/id?1018094 http://www.vupen.com/english/advisories/2007/1910 https://exchange.xforce.ibmcloud.com/vulnerabilities/34432 https://exchange.xforce.ibmcloud.com/vulnerabilities/34436 https://exchange.xforce.ibmcloud.com/vulnerabilities/34442 https://oval.cisecurity.org/repository/search/def •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2587
https://notcve.org/view.php?id=CVE-2007-2587
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). El servidor FTP IOS en Cisco IOS 11.3 hasta 12.4 permite a usuarios remotos autenticados provocar una denegación de servicio (recarga de IOS) mediante vectores no especificados involucrando transferencia de ficheros (también conocido como bug ID CSCse29244). • http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.osvdb.org/35335 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce.ibmcloud.com/vulnerabilities/34196 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5444 •
CVSS: 9.3EPSS: 89%CPEs: 380EXPL: 3CVE-2007-2586 – Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)
https://notcve.org/view.php?id=CVE-2007-2586
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. El servidor FTP en Cisco IOS versiones 11.3 hasta 12.4, no comprueba apropiadamente la autorización del usuario, lo que permite a atacantes remotos ejecutar código arbitrario, y tener otro impacto, incluyendo la lectura de la configuración de inicio, como es demostrado mediante un comando MKD especialmente diseñado que involucra el acceso a un dispositivo VTY y desborda un búfer, también se conoce como ID de bug CSCek55259. • https://www.exploit-db.com/exploits/6155 http://seclists.org/bugtraq/2009/Jan/0183.html http://secunia.com/advisories/25199 http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml http://www.exploit-db.com/exploits/6155 http://www.osvdb.org/35334 http://www.securityfocus.com/archive/1/494868 http://www.securityfocus.com/bid/23885 http://www.securitytracker.com/id?1018030 http://www.vupen.com/english/advisories/2007/1749 https://exchange.xforce& • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 6%CPEs: 53EXPL: 0CVE-2007-0648
https://notcve.org/view.php?id=CVE-2007-0648
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. Cisco IOS después de las versiones 12.3(14)T, 12.3(8)YC1, 12.3(8)YG y 12.4, con soporte de voz y sin el Session Initiated Protocol (SIP) configurado, permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de un paquete manipulado al puerto 5060/UDP. • http://secunia.com/advisories/23978 http://securitytracker.com/id?1017575 http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml http://www.kb.cert.org/vuls/id/438176 http://www.securityfocus.com/bid/22330 http://www.vupen.com/english/advisories/2007/0428 https://exchange.xforce.ibmcloud.com/vulnerabilities/31990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5138 •