CVSS: 5.0EPSS: 2%CPEs: 22EXPL: 1CVE-2007-4430 – Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4430
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes dependiendo del contexto causar una denegación de servicio (reinicio del dispositivo y reconstrucción de la tabla de enrutamiento BGP) por medio de ciertas expresiones regulares en un comando "show ip bgp regexp". NOTA: los ataques remotos no autenticados son posibles en entornos con acceso anónimo a telnet y Looking Glass. • https://www.exploit-db.com/exploits/30506 http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf7bc9 http://secunia.com/advisories/26798 http://www.cisco.com/en/US/products/products_security_response09186a00808bb91c.html http://www.heise-security.co.uk/news/94526 http://www.securityfocus.com/bid/25352 http://www.securitytracker.com/id?1018685 http://www.vupen.com/english/a • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 6%CPEs: 5EXPL: 0CVE-2007-4293
https://notcve.org/view.php?id=CVE-2007-4293
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. Cisco IOS 12.0 hasta la 12.4 permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) a través de (1) mensajes MGCP "anómalos", también conocido como CSCsd81407, y (2) un paquete facsimile grande, también conocido como CSCej20505. • http://osvdb.org/36668 http://osvdb.org/36669 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://exchange.xforce.ibmcloud.com/vulnerabilities/35907 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5801 •
CVSS: 9.0EPSS: 2%CPEs: 4EXPL: 0CVE-2007-4285
https://notcve.org/view.php?id=CVE-2007-4285
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. Una vulnerabilidad no especificada en Cisco IOS y Cisco IOS XR versiones 12.x hasta 12.3, incluyendo algunas versiones anteriores a 12.3(15) y 12.3(14)T, permite a atacantes remotos obtener información confidencial (contenido del paquete parcial) o causar una denegación de servicio (bloqueo de router o componente) por medio de paquetes IPv6 diseñados con un encabezado de enrutamiento Type 0. • http://secunia.com/advisories/26359 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899647.shtml http://www.securitytracker.com/id?1018542 http://www.vupen.com/english/advisories/2007/2819 https://exchange.xforce.ibmcloud.com/vulnerabilities/35906 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5840 •
CVSS: 7.1EPSS: 10%CPEs: 5EXPL: 0CVE-2007-4291
https://notcve.org/view.php?id=CVE-2007-4291
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. Cisco IOS 12.0 hasta 12.4 permite a atacantes remotos provocar una denegación de servicio mediante (1) un paquete MGCP mal formado, que provoca un cuelgue de dispositivo, también conocido como CSCsf08998; un paquete H.323 mal formado que causa una caída de dispositivo, como se identificó en (2) CSCsi60004 con Proxy Unregistration y (3) CSCsg70474; y un paquete Real-time Transport Protocol (RTP) mal formado, que provoca una caída de dispositivo, como se identificó en (4) CSCse68138, relativo a VOIP RTP Lib, y (5) CSCse05642, relativo a corrupción de memoria de E/S. • http://osvdb.org/36677 http://osvdb.org/36678 http://osvdb.org/36679 http://osvdb.org/36680 http://osvdb.org/36681 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://exchange.xforce.ibmcloud.com/vulnerabilities/35903 https://exchange.xforce.ibmcloud.com/vulnerabilities/35904 h •
CVSS: 6.8EPSS: 13%CPEs: 5EXPL: 0CVE-2007-4295
https://notcve.org/view.php?id=CVE-2007-4295
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. Vulnerabilidad sin especificar en el Cisco IOS 12.0 hasta la 12.4 permite a atacantes remotos ejecutar código de su elección a través de paquetes SIP mal formados, también conocido como CSCsi80749. • http://osvdb.org/36667 http://secunia.com/advisories/26363 http://securitytracker.com/id?1018533 http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml http://www.securityfocus.com/bid/25239 http://www.vupen.com/english/advisories/2007/2816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075 •