Page 5 of 80 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

23 Apr 2014 — The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003. El proceso de router BGP en Cisco IOS anterior a 12.2(50)SY1 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de vectores involucrando atributos de ruta BGP, también conocido como Bug ID CSCsw63003. • http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/release/notes/ol_20679.html • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

23 Apr 2014 — Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809. Cisco IOS anterior a 15.3(1)T, cuando Media Flow-Around no está utilizado, permite a atacantes remotos causar una denegación de servicio (bucles de medios y corrupción de memoria en pila) a través de trafico VoIP, también conocido como Bug ID CSCub45809. • http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

04 Apr 2014 — The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. La implementación IKE en Cisco IOS 15.4(1)T y anteriores y IOS XE permite a atacantes remotos causar una denegación de servicio (abandono de asociación de seguridad) a través de paquetes Main Mode manipulados, también conocido como Bug ID CSCun31021. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2143 •

CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0

20 Mar 2014 — Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783. Cisco IOS 15.1(2)SY3 y anteriores, cuando utilizado con Supervisor Engine 2T (también conocido como Sup2T) en dispositivos Catalyst 6500, permite a atacantes remotos causar una denegación de servicio (caída de dispositivo) a través de paquetes multicast manipulados, también conocid... • http://secunia.com/advisories/57515 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

22 Nov 2013 — The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345. La implementación MLDP en Cisco IOS 15.3(3)S y anteriores versiones de routers 7600, cuando son configurados varios VRFs, permite a atacantes remotos provocar una denegación de servicio (corrupción de chunk y reinicio del dispositivo) mediante el establec... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0

16 Nov 2013 — The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568. La implementación SSL VPN en Cisco IOS 15.3(1)T2 y anteriores permite a usuarios remotos autenticados provocar una denegación de servicio (interfaz de cola wedge) a través de paquetes DTLS en una sesión SSL, también conocido como Bug IDs CSCuh97409 and CSCud90568. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6686 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0

13 Nov 2013 — Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143. Cisco IOS 12.4(24)MDB9 y anteriores versiones de dispositivos Content Services Gateway (CSG) no implementa adecuadamente la característica "parse error drop", lo que permite a atacantes remotos evadir restricciones de acceso intencionadas a través de... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5552 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

22 Oct 2011 — The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. El componente IPv6 en Cisco IOS anterior a v15.1(4)M1.3 permite a atacantes remotos a realizar ataques para la obtención de datos del servidor (fingerpri... • http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1409EXPL: 0

07 Jun 2011 — The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated by (1) a packet in which the first fragment contains a long Destination Options extension header or (2) a packet in which the first fragment contains an ICMPv6 Echo Request message. La implementación del protocol... • http://seclists.org/fulldisclosure/2011/May/446 • CWE-16: Configuration •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

07 Jan 2011 — Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. Cisco IOS en versiones anteriores a la 15.0(1)XA no maneja apropiadamente el tráfico IRC durante un periodo de tiempo específico después de una recarga inicial, lo que permite a atacantes remotos provocar... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •