CVSS: 7.8EPSS: 1%CPEs: 33EXPL: 0CVE-2014-2113
https://notcve.org/view.php?id=CVE-2014-2113
27 Mar 2014 — Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540. Cisco IOS 15.1 hasta 15.3 y IOS XE 3.3 y 3.5 anterior a 3.5.2E; 3.7 anterior a 3.7.5S y 3.8, 3.9 y 3.10 anterior a 3.10.2S permiten a atacantes remotos causar una denegación de servicio (consumo de memoria de E/S y reinicio de dispositivo) a ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-ipv6 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2014-2124
https://notcve.org/view.php?id=CVE-2014-2124
20 Mar 2014 — Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783. Cisco IOS 15.1(2)SY3 y anteriores, cuando utilizado con Supervisor Engine 2T (también conocido como Sup2T) en dispositivos Catalyst 6500, permite a atacantes remotos causar una denegación de servicio (caída de dispositivo) a través de paquetes multicast manipulados, también conocid... • http://secunia.com/advisories/57515 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2013-6692
https://notcve.org/view.php?id=CVE-2013-6692
22 Nov 2013 — Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949. Cisco IOS XE 3.8S(.2) y anteriores versiones no usan adecuadamente un pool DHCP durante la asignación de una dirección IP, lo que permite a usuarios remotos autenticados provocar una denegación de servicio (reinicio del dispositivo) a través de... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6692 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-6693
https://notcve.org/view.php?id=CVE-2013-6693
22 Nov 2013 — The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345. La implementación MLDP en Cisco IOS 15.3(3)S y anteriores versiones de routers 7600, cuando son configurados varios VRFs, permite a atacantes remotos provocar una denegación de servicio (corrupción de chunk y reinicio del dispositivo) mediante el establec... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6693 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2013-6686
https://notcve.org/view.php?id=CVE-2013-6686
16 Nov 2013 — The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568. La implementación SSL VPN en Cisco IOS 15.3(1)T2 y anteriores permite a usuarios remotos autenticados provocar una denegación de servicio (interfaz de cola wedge) a través de paquetes DTLS en una sesión SSL, también conocido como Bug IDs CSCuh97409 and CSCud90568. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6686 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2013-5552
https://notcve.org/view.php?id=CVE-2013-5552
13 Nov 2013 — Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143. Cisco IOS 12.4(24)MDB9 y anteriores versiones de dispositivos Content Services Gateway (CSG) no implementa adecuadamente la característica "parse error drop", lo que permite a atacantes remotos evadir restricciones de acceso intencionadas a través de... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5552 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2013-5546
https://notcve.org/view.php?id=CVE-2013-5546
31 Oct 2013 — The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509. La característica de reensamblado de TCP en Cisco IOS XE 3.7 antes 3.7.3S y 3.8 antes de 3.8.1S de dispositivos ASR 1000 permite a atacantes remotos provocar una denegación de servicio (recarga dispositivo) a través de grandes paquetes TCP... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2059
https://notcve.org/view.php?id=CVE-2011-2059
22 Oct 2011 — The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. El componente IPv6 en Cisco IOS anterior a v15.1(4)M1.3 permite a atacantes remotos a realizar ataques para la obtención de datos del servidor (fingerpri... • http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5038
https://notcve.org/view.php?id=CVE-2009-5038
07 Jan 2011 — Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. Cisco IOS en versiones anteriores a la 15.0(1)XA no maneja apropiadamente el tráfico IRC durante un periodo de tiempo específico después de una recarga inicial, lo que permite a atacantes remotos provocar... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5039
https://notcve.org/view.php?id=CVE-2009-5039
07 Jan 2011 — Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. Pérdida de memoria en la función gk_circuit_info_do_in_acf en la implementación H.323 en Cisco IOS antes de v15.0(1)XA permite a atacantes remotos provocar una denegación de servicio (consumo... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-772: Missing Release of Resource after Effective Lifetime •