Page 83 of 534 results (0.022 seconds)

CVSS: 7.1EPSS: 1%CPEs: 6EXPL: 0

Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. En Cisco IOS v12.4, cuando la Aplicación de Control de Inspección (AIC) del cortafuegos IOS con Inspección de Profundidad de Paquete HTTP está habilitada, permite a atacantes remotos causar denegación del servicio (reinicio de dispositivo) a través de paquetes de tránsito HTTP malformados. • http://secunia.com/advisories/31990 http://tools.cisco.com/security/center/viewAlert.x?alertId=16661 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01545.shtml http://www.securityfocus.com/bid/31354 http://www.securitytracker.com/id?1020929 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5302 •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. Cisco IOS v12.4 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de un paquete SSL creado correctamente durante la finalización de una sesión SSL. • http://secunia.com/advisories/31990 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0146c.shtml http://www.securitytracker.com/id?1020930 http://www.vupen.com/english/advisories/2008/2670 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6087 •

CVSS: 7.1EPSS: 1%CPEs: 10EXPL: 0

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. Vulnerabilidad no especificada en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4 y Unified Communications Manager v4.1 a la v6.1, cuando VoIP está configurada, permite a atacantes remotos provocar una denegación de servicio (reinicio de proceso o de dispositivo) a través de mensajes SIP válidos no especificados, también conocidos como "Cisco Bug ID CSCsu38644". Vulnerabilidad distinta de CVE-2008-3800 y CVE-2008-3802. • http://secunia.com/advisories/31990 http://secunia.com/advisories/32013 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml http://www.securityfocus.com/bid/31367 http://www.securitytracker.com/id?1020939 http://www.securitytracker.com/id?1020942 http://www.vupen.com/english/advisories/2008/2670 http://www.vupen.com/english/advisories/2008/2671 https://oval.cisecurity.org/re •

CVSS: 7.1EPSS: 1%CPEs: 10EXPL: 0

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. Vulnerabilidad no especificada en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4 y Unified Communications Manager v4.1 a la v6.1, cuando VoIP está configurada, permite a atacantes remotos provocar una denegación de servicio (reinicio de proceso o de dispositivo) a través de mensajes SIP válidos no especificados. Vulnerabilidad distinta de CVE-2008-3800 y CVE-2008-3802. • http://secunia.com/advisories/31990 http://secunia.com/advisories/32013 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml http://www.securityfocus.com/bid/31367 http://www.securitytracker.com/id?1020939 http://www.securitytracker.com/id?1020942 http://www.vupen.com/english/advisories/2008/2670 http://www.vupen.com/english/advisories/2008/2671 https://oval.cisecurity.org/re •

CVSS: 9.3EPSS: 1%CPEs: 2EXPL: 3

Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. Vulnerabilidad múltiple de falsificación de petición en sitios cruzados - CSRF en el componente de administración HTTP en el IOS Cisco 12.4 en el Router de Servicios Integrados 871, que permite a los atacantes remotos ejecutar arbitrariamente comandos a través de(1) ciertos comandos que "muestran lo privilegios" en /level/15/exec/- URI, y (2) ciertos comandos "alias exec" en /level/15/exec/-/configure/http URI. NOTA: algunos de estos detalles fueron obtenidos de información de terceros. • https://www.exploit-db.com/exploits/6476 http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html http://www.securityfocus.com/bid/31218 https://exchange.xforce.ibmcloud.com/vulnerabilities/45226 https://www.exploit-db.com/exploits/6477 • CWE-352: Cross-Site Request Forgery (CSRF) •