CVSS: 5.0EPSS: 2%CPEs: 22EXPL: 1CVE-2007-4430 – Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4430
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes dependiendo del contexto causar una denegación de servicio (reinicio del dispositivo y reconstrucción de la tabla de enrutamiento BGP) por medio de ciertas expresiones regulares en un comando "show ip bgp regexp". NOTA: los ataques remotos no autenticados son posibles en entornos con acceso anónimo a telnet y Looking Glass. • https://www.exploit-db.com/exploits/30506 http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9 http://secunia.com/advisories/26798 http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html http://www.heise-security.co.uk/news/94526 http://www.securityfocus.com/bid/25352 http://www.securitytracker.com/id?1018685 http://www.vupen.com/english/a • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 6%CPEs: 5EXPL: 0CVE-2007-4293
https://notcve.org/view.php?id=CVE-2007-4293
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. Cisco IOS 12.0 hasta la 12.4 permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) a través de (1) mensajes MGCP "anómalos", también conocido como CSCsd81407, y (2) un paquete facsimile grande, también conocido como CSCej20505. • http://osvdb.org/36668 http://osvdb.org/36669 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://exchange.xforce.ibmcloud.com/vulnerabilities/35907 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5801 •
CVSS: 6.8EPSS: 13%CPEs: 8EXPL: 0CVE-2007-4294
https://notcve.org/view.php?id=CVE-2007-4294
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. Vulnerabilidad sin especificar en el Cisco Unified Communications Manager (CUCM) 5.0, 5.1, y 6.0 y en el IOS 12.0 hasta el 12.4, permite a atacantes remotos ejecutar código de su elección a través de un paquete SIP mal formado, también conocido como CSCsi80102. • http://osvdb.org/36693 http://secunia.com/advisories/26362 http://securitytracker.com/id?1018538 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5851 •
CVSS: 7.1EPSS: 10%CPEs: 5EXPL: 0CVE-2007-4291
https://notcve.org/view.php?id=CVE-2007-4291
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. Cisco IOS 12.0 hasta 12.4 permite a atacantes remotos provocar una denegación de servicio mediante (1) un paquete MGCP mal formado, que provoca un cuelgue de dispositivo, también conocido como CSCsf08998; un paquete H.323 mal formado que causa una caída de dispositivo, como se identificó en (2) CSCsi60004 con Proxy Unregistration y (3) CSCsg70474; y un paquete Real-time Transport Protocol (RTP) mal formado, que provoca una caída de dispositivo, como se identificó en (4) CSCse68138, relativo a VOIP RTP Lib, y (5) CSCse05642, relativo a corrupción de memoria de E/S. • http://osvdb.org/36677 http://osvdb.org/36678 http://osvdb.org/36679 http://osvdb.org/36680 http://osvdb.org/36681 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://exchange.xforce.ibmcloud.com/vulnerabilities/35903 https://exchange.xforce.ibmcloud.com/vulnerabilities/35904 h •
CVSS: 6.8EPSS: 13%CPEs: 5EXPL: 0CVE-2007-4295
https://notcve.org/view.php?id=CVE-2007-4295
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. Vulnerabilidad sin especificar en el Cisco IOS 12.0 hasta la 12.4 permite a atacantes remotos ejecutar código de su elección a través de paquetes SIP mal formados, también conocido como CSCsi80749. • http://osvdb.org/36667 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075 •