CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4687
https://notcve.org/view.php?id=CVE-2010-4687
07 Jan 2011 — STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552. STCAPP (también conocido como la aplicación de control de telefonía SCCP) en Cisco IOS anteriores a v15.0(1)XA1 no maneja adecuadamente múltiples llamadas a una línea compartida, que permite ... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5038
https://notcve.org/view.php?id=CVE-2009-5038
07 Jan 2011 — Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. Cisco IOS en versiones anteriores a la 15.0(1)XA no maneja apropiadamente el tráfico IRC durante un periodo de tiempo específico después de una recarga inicial, lo que permite a atacantes remotos provocar... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5039
https://notcve.org/view.php?id=CVE-2009-5039
07 Jan 2011 — Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. Pérdida de memoria en la función gk_circuit_info_do_in_acf en la implementación H.323 en Cisco IOS antes de v15.0(1)XA permite a atacantes remotos provocar una denegación de servicio (consumo... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.8EPSS: 0%CPEs: 1550EXPL: 0CVE-2009-5040
https://notcve.org/view.php?id=CVE-2009-5040
07 Jan 2011 — CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. CallManager Express (CME) en Cisco IOS en versiones anteriores a la 15.0(1)XA permite a usuarios autenticados remotos provocar una denegación de servicio (caída del dispositivo) haciendo que un teléfono "extension mobility" (EM) interactúe con el menu de cambios ... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 2CVE-2010-4671
https://notcve.org/view.php?id=CVE-2010-4671
07 Jan 2011 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534. La implementación del protocolo Neighbor Discovery (ND) en la pila de IPv6 en Cisco IOS anterior a v15.0(1)XA5 permite a atacantes remotos provocar... • http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 288EXPL: 0CVE-2009-2872
https://notcve.org/view.php?id=CVE-2009-2872
28 Sep 2009 — Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. Cisco IOS v12.0 hasta la v12.4, cuando están activados los túneles basados en IP y la utilidad "Cisco Express Forwarding", permite a atacantes remotos provocar una denegación de servicio (recarg... • http://osvdb.org/58333 •
CVSS: 7.5EPSS: 0%CPEs: 304EXPL: 0CVE-2009-2873
https://notcve.org/view.php?id=CVE-2009-2873
28 Sep 2009 — Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. Cisco IOS v12.0 hasta 12.4, cuando está habilitada la funcionalidad de túnel basado en IP y el Cisco Express Forwarding, permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) mediante paquetes deformados, también conocido como Bug ID CSCsx70889. • http://osvdb.org/58334 •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2009-1168
https://notcve.org/view.php?id=CVE-2009-1168
30 Jul 2009 — Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. Cisco IOS v12.0(32)S12 hasta v12.... • http://secunia.com/advisories/36046 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2009-2049
https://notcve.org/view.php?id=CVE-2009-2049
30 Jul 2009 — Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. Cisco IOS v12.0(32)S12 hasta v12.0(32)S13 y v12.0(33)S3 ha... • http://secunia.com/advisories/36046 • CWE-16: Configuration •
CVSS: 7.5EPSS: 0%CPEs: 310EXPL: 0CVE-2009-0630
https://notcve.org/view.php?id=CVE-2009-0630
27 Mar 2009 — The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows re... • http://secunia.com/advisories/34438 •