CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2009-2867
https://notcve.org/view.php?id=CVE-2009-2867
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691. Vulnerabilidad sin especificar en Cisco IOS 1v2.2XNA, v12.2XNB, v12.2XNC, v12.2XND, v12.4T, v12.4XZ y v12.4YA. Cuando la función "Policy Firewall SIP Inspection" está activada, permite a usuarios remotos provocar una denegación de servicio (recarga del dispositivo) a través de un paquete de tránsito SIP modificado. También conocido como Bug ID CSCsr18691. • http://tools.cisco.com/security/center/viewAlert.x?alertId=18886 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8130.shtml http://www.securitytracker.com/id?1022930 http://www.vupen.com/english/advisories/2009/2759 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7254 •
CVSS: 7.8EPSS: 2%CPEs: 72EXPL: 0CVE-2009-2866
https://notcve.org/view.php?id=CVE-2009-2866
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. Vulnerabilidad sin especificar en Cisco IOS v12.2 hasta la v12.4 permite a usuarios remotos provocar una denegación de servicio (recarga del dispositivo) a través de un paquete H.323 modificado. También conocido como Bug ID CSCsz38104. • http://osvdb.org/58337 http://tools.cisco.com/security/center/viewAlert.x?alertId=18885 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811a.shtml http://www.securityfocus.com/bid/36494 http://www.securitytracker.com/id?1022930 http://www.vupen.com/english/advisories/2009/2759 https://exchange.xforce.ibmcloud.com/vulnerabilities/53446 •
CVSS: 7.6EPSS: 2%CPEs: 5EXPL: 0CVE-2009-2865
https://notcve.org/view.php?id=CVE-2009-2865
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779. Desbordamiento de búfer en la implementación del inicio de sesión de la característica "Extension Mobility" del componente "Unified Communications Manager Express" (CME) de Cisco IOS v12.4XW, v12.4XY, v12.4XZ y v12.4YA. Permite a usuarios remotos ejecutar código de su elección o provocar una denegación de servicio a través de peticiones HTTP modificadas. También conocido como Bug ID CSCsq58779. • http://osvdb.org/58335 http://tools.cisco.com/security/center/viewAlert.x?alertId=18884 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8116.shtml http://www.securityfocus.com/bid/36498 http://www.securitytracker.com/id?1022932 http://www.vupen.com/english/advisories/2009/2758 https://exchange.xforce.ibmcloud.com/vulnerabilities/53448 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2009-2862
https://notcve.org/view.php?id=CVE-2009-2862
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252. Los "Object Groups" (grupos de objetos) para la funcionalidad de listas de control de acceso (ACLs) en Cisco IOS v12.2XNB, v12.2XNC, v12.2XND, v12.4MD, v12.4T, v12.4XZ y v12.4YA permiten a los usuarios remotos evitar las restricciones establecidas a través de peticiones modificadas. También conocido como IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122 y CSCsu50252. • http://osvdb.org/58338 http://tools.cisco.com/security/center/viewAlert.x?alertId=18876 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml http://www.securityfocus.com/bid/36495 http://www.securitytracker.com/id?1022933 http://www.vupen.com/english/advisories/2009/2759 •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2009-2051
https://notcve.org/view.php?id=CVE-2009-2051
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. Cisco Unified Communications Manager (también conocido como CUCM, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores v6.1(4), y v7.x anteriores v7.1(2) permite a los atacantes remotos causar una denegación de servicio (parada del servicio de voz) a través de mensajes malformados SIP INVITE que lanzan una llamada incorrecta a la función sipSafeStrlen, también conocida como Bug ID CSCsz40392. • http://osvdb.org/57453 http://secunia.com/advisories/36498 http://secunia.com/advisories/36499 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml http://www.securityfocus.com/bid/36152 http://www.securitytracker.com/id?1022775 •