Page 66 of 456 results (0.013 seconds)

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. Fuga de memoria en la implementación de la Session Initiation Protocol (SIP) en Cisco IOS v12.2 a la v12.4, cuando VoIP está configurada, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y parada del servicio de voz) a través de mensajes SIP válidos no especificados. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml http://www.securitytracker.com/id?1020939 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5927 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 8.5EPSS: 1%CPEs: 11EXPL: 0

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806. Cisco IOS v12.0 a la v12.4 sobre Cisco 10000, uBR10012 y uBR7200 maneja los paquetes externos UDP que son enviados a las direcciones 127.0.0.0/8 intencionadamente para la comunicación IPC en el propio dispositivo, esto permite a atacantes remotos provocar una denegación de servicio (reinicio de dispositivo o de "linecard") a través de paquetes UDP manipulados. Vulnerabilidad distinta de CVE-2008-3806. • http://secunia.com/advisories/31990 http://tools.cisco.com/security/center/viewAlert.x?alertId=16646 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014ae.shtml http://www.securitytracker.com/id?1020935 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5910 •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. Vulnerabilidad no especificada en Cisco IOS v12.2 y v12.4. Cuando está habilitado el proceso de demonio del L2TP (Layer 2 Tunneling Protocol) mgmt permite a atacantes remotos causar denegación de servicio (reinicio de dispositivo) a través un paquete L2TP manipulado. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0157a.shtml http://www.securitytracker.com/id?1020938 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5362 •

CVSS: 7.8EPSS: 2%CPEs: 17EXPL: 0

Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. En Cisco IOS v12.2 y 12.4, cuando el soporte de Fragmentación del protocolo de control de llamada NAT Skinny (SCCP) está habilitado, permite a atacantes de control remoto causar denegación de servicio (reinicio de dispositivo) a través de mensajes SCCP segmentados, aka CSCsg22426, una vulnerabilidad distinta de CVE-2008-3811. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0148e.shtml http://www.securityfocus.com/bid/31359 http://www.securitytracker.com/id?1020937 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6112 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 2%CPEs: 17EXPL: 0

Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. En Cisco IOS v12.2 y 12.4, cuando el soporte de Fragmentación del protocolo de control de llamada NAT Skinny (SCCP) está habilitado, permite a atacantes de control remoto causar denegación de servicio (reinicio de dispositivo) a través de mensajes SCCP, aka Cisco Bug ID CSCsi17020, una vulnerabilidad distinta de CVE-2008-3810. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0148e.shtml http://www.securityfocus.com/bid/31359 http://www.securitytracker.com/id?1020937 http://www.vupen.com/english/advisories/2008/2670 https://exchange.xforce.ibmcloud.com/vulnerabilities/45535 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5900 • CWE-20: Improper Input Validation •