CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4685
https://notcve.org/view.php?id=CVE-2010-4685
07 Jan 2011 — Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031. Cisco IOS anterior a v15.0(1)XA1 no borra la caché de clave pública en caso de cambio a un mapa de certificado, que permite a usuarios remotos autenticados evitar la prohibición del certificado mediante la conexión con un certificado prohibido que h... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4686
https://notcve.org/view.php?id=CVE-2010-4686
07 Jan 2011 — CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950. CallManager Express (CME) en Cisco IOS anteriores a v15.0(1)XA1 no maneja adecuadamente el tráfico SIP TRUNK que contiene las ráfagas y una tamaño de petición "peculiar", que permite a atacantes remotos pro... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4687
https://notcve.org/view.php?id=CVE-2010-4687
07 Jan 2011 — STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552. STCAPP (también conocido como la aplicación de control de telefonía SCCP) en Cisco IOS anteriores a v15.0(1)XA1 no maneja adecuadamente múltiples llamadas a una línea compartida, que permite ... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 2CVE-2010-4671
https://notcve.org/view.php?id=CVE-2010-4671
07 Jan 2011 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534. La implementación del protocolo Neighbor Discovery (ND) en la pila de IPv6 en Cisco IOS anterior a v15.0(1)XA5 permite a atacantes remotos provocar... • http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 2049EXPL: 1CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •
CVSS: 10.0EPSS: 57%CPEs: 165EXPL: 2CVE-2008-0960 – SNMPv3 - HMAC Validation error Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2008-0960
10 Jun 2008 — SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relie... • https://www.exploit-db.com/exploits/5790 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1150
https://notcve.org/view.php?id=CVE-2008-1150
27 Mar 2008 — The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309. La componente red privada virtual dial-up (VPDN) de Cisco IOS versiones anteriores a 12.3 permite a atacantes remotos provocar una denegación de servicio (agotamiento de recursos) a través de una ser... • http://secunia.com/advisories/29507 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1151
https://notcve.org/view.php?id=CVE-2008-1151
27 Mar 2008 — Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566. Fugas de memoria en la componente de red privada virtual dial-up (VPDN) en Cisco IOS versiones anteriores a 12.3 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de una se... • http://secunia.com/advisories/29507 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 49%CPEs: 1429EXPL: 2CVE-2007-5381 – Cisco IOS 12.3 - 'LPD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5381
12 Oct 2007 — Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515. Desbordamiento de búfer basado en pila en Line Printer Daemon (LPD) en Cisco IOS anterior a 12.2(18)SXF11, 12.4(16a), y 12.4(2)T6 permite a atacantes remotos ejecutar... • https://www.exploit-db.com/exploits/30652 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 12%CPEs: 22EXPL: 1CVE-2007-4430 – Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
https://notcve.org/view.php?id=CVE-2007-4430
20 Aug 2007 — Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. Una vulnerabilidad no especificada en Cisco IOS versiones 12.0 hasta 12.4, permite a atacantes dependiendo del contexto causar una denegación de servicio (reinicio... • https://www.exploit-db.com/exploits/30506 • CWE-20: Improper Input Validation •