CVE-2007-1258
https://notcve.org/view.php?id=CVE-2007-1258
Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. Vulnerabilidad no especificada en Cisco IOS 12.2SXA, SXB, SXD, and SXF; y el MSFC2, MSFC2a y MSFC3 corriendo en Modo Híbrido en Cisco Catalyst 6000, 6500 y Cisco 7600 series systems; permite a atacantes remotos en un segmento de red local provocar una denegación de servicio (recarga de software) mediante un paquete MPLS concreto. • http://osvdb.org/33067 http://secunia.com/advisories/24348 http://www.cisco.com/warp/public/707/cisco-sa-20070228-mpls.shtml http://www.securitytracker.com/id?1017709 http://www.vupen.com/english/advisories/2007/0782 https://exchange.xforce.ibmcloud.com/vulnerabilities/32748 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5869 •
CVE-2007-0918
https://notcve.org/view.php?id=CVE-2007-0918
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. El motor de firmas ATOMIC.TCP en la función Intrusion Prevention System (IPS) para Cisco IOS versiones 12.4XA, 12.3YA, 12.3T y otros trenes permite a los atacantes remotos causar una denegación de servicio (bloqueo de IPS y pérdida de tráfico) por medio de manipulaciones no especificadas que no se manejan apropiadamente con la función regular expression, como se demuestra con la firma 3123.0 (Netbus Pro Traffic). • http://osvdb.org/33053 http://secunia.com/advisories/24142 http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html http://www.securityfocus.com/bid/22549 http://www.securitytracker.com/id?1017631 http://www.vupen.com/english/advisories/2007/0597 https://exchange.xforce.ibmcloud.com/vulnerabilities/32474 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5 •
CVE-2007-0917
https://notcve.org/view.php?id=CVE-2007-0917
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. El Sistema de Prevención de Intrusión (IPS) para Cisco IOS 12.4XE hasta 12.3T permite a atacantes remotos evitar firmas IPS que utilizan expresiones regulares mediante paquetes fragmentados. • http://osvdb.org/33052 http://secunia.com/advisories/24142 http://www.cisco.com/en/US/products/products_security_advisory09186a00807e0a5b.shtml http://www.cisco.com/en/US/products/products_security_response09186a00807e0a5e.html http://www.securityfocus.com/bid/22549 http://www.securitytracker.com/id?1017631 http://www.vupen.com/english/advisories/2007/0597 https://exchange.xforce.ibmcloud.com/vulnerabilities/32473 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5 •
CVE-2007-0648
https://notcve.org/view.php?id=CVE-2007-0648
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. Cisco IOS después de las versiones 12.3(14)T, 12.3(8)YC1, 12.3(8)YG y 12.4, con soporte de voz y sin el Session Initiated Protocol (SIP) configurado, permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de un paquete manipulado al puerto 5060/UDP. • http://secunia.com/advisories/23978 http://securitytracker.com/id?1017575 http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml http://www.kb.cert.org/vuls/id/438176 http://www.securityfocus.com/bid/22330 http://www.vupen.com/english/advisories/2007/0428 https://exchange.xforce.ibmcloud.com/vulnerabilities/31990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5138 •
CVE-2007-0199
https://notcve.org/view.php?id=CVE-2007-0199
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." La propiedad Data-link Switching (DLSw) en Cisco IOS 11.0 hata 12.4 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) mediante "un valor inválido en un mensaje DLSw... durante el intercambio de habilidades". • http://osvdb.org/32683 http://secunia.com/advisories/23697 http://securitytracker.com/id?1017498 http://www.cisco.com/warp/public/707/cisco-sa-20070110-dlsw.shtml http://www.securityfocus.com/bid/21990 http://www.vupen.com/english/advisories/2007/0139 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5714 •