CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2013-5552
https://notcve.org/view.php?id=CVE-2013-5552
13 Nov 2013 — Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143. Cisco IOS 12.4(24)MDB9 y anteriores versiones de dispositivos Content Services Gateway (CSG) no implementa adecuadamente la característica "parse error drop", lo que permite a atacantes remotos evadir restricciones de acceso intencionadas a través de... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5552 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2013-5472
https://notcve.org/view.php?id=CVE-2013-5472
27 Sep 2013 — The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of service (device reload) by leveraging an MSDP peer relationship, aka Bug ID CSCuc81226. La implementación NTP en Cisco IOS 12.0 hasta 12.4 y 15.0 hasta 15.1, e IOS XE 2.1 hasta 3.3, no maneja apropiadamente la encapsulación de paquetes multicast NTP en los mensajes M... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130925-ntp • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 566EXPL: 0CVE-2013-0149
https://notcve.org/view.php?id=CVE-2013-0149
03 Aug 2013 — The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSC... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2012-1367
https://notcve.org/view.php?id=CVE-2012-1367
06 Aug 2012 — The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538. La implementación de MallocLite en Cisco IOS v12.0, v12.2, v15.0, v15.1, y v15.2 permite a atacantes remotos causar una denegación de servicio (caída de la ruta del procesador) a través de un mensaje BGP UPDATE con una modificación de la prefe... • http://www.cisco.com/en/US/docs/ios/12_2sr/release/notes/122SRcavs1.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2011-4012
https://notcve.org/view.php?id=CVE-2011-4012
02 May 2012 — Cisco IOS 12.0, 15.0, and 15.1, when a Policy Feature Card 3C (PFC3C) is used, does not create a fragment entry during processing of an ICMPv6 ACL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtj90091. Cisco IOS v12.0, v15.0, y v15.1, cuando se utiliza una Policy Feature Card 3C (PFC3C), no crea una entrada de fragmentos durante el procesamiento de una ACL ICMPv6, que tiene un impacto no especificado y vectores de ataque remotos, también conocido como Bug ID CSCtj90091. • http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/release/notes/caveats_SXJ.html •
CVSS: 7.8EPSS: 0%CPEs: 758EXPL: 0CVE-2012-0382
https://notcve.org/view.php?id=CVE-2012-0382
29 Mar 2012 — The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) via encapsulated IGMP data in an MSDP packet, aka Bug ID CSCtr28857. La implementación del protocolo de descubrimiento de origen Multicast (Multicast Source Discovery Protocol - MSDP) en Cisco IOS v12.0, v12.2 a... • http://osvdb.org/80693 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 758EXPL: 0CVE-2012-0381
https://notcve.org/view.php?id=CVE-2012-0381
29 Mar 2012 — The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCts38429. La implementación de IKEv1 en Cisco IOS v12.2 a v12.4 y v15.0 a v15.2 y en IOS XE v2.1.x a v2.6.x y v3.1.xS a 3.4.xS antes de v3.4.2S, v3.5.xS antes de v3.5.1S y 3.2.x... • http://osvdb.org/80700 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2059
https://notcve.org/view.php?id=CVE-2011-2059
22 Oct 2011 — The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. El componente IPv6 en Cisco IOS anterior a v15.1(4)M1.3 permite a atacantes remotos a realizar ataques para la obtención de datos del servidor (fingerpri... • http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-0946
https://notcve.org/view.php?id=CVE-2011-0946
03 Oct 2011 — The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712. La implementación de NAT en Cisco IOS v12.1 a v12.4 y v15.0 a v15.1, y en Cisco IOS XE v3.1.xSG, permite a atacantes remotos causar una denegación de servicio (reinicio o bloqueo del dispositivo) a través de tráfico LDAP mal for... • http://tools.cisco.com/security/center/viewAlert.x?alertId=24117 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-3279
https://notcve.org/view.php?id=CVE-2011-3279
03 Oct 2011 — The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219. La implementación MPLS NAT en Cisco IOS v12.1 hasta v12.4 y v15.0 hasta v15.1, y IOS XE v3.1.xSG, permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de paquetes SIP mal formados en el puesto UDP 5060, también c... • http://tools.cisco.com/security/center/viewAlert.x?alertId=24121 •