Page 89 of 534 results (0.006 seconds)

CVSS: 7.8EPSS: 6%CPEs: 53EXPL: 0

Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. Cisco IOS después de las versiones 12.3(14)T, 12.3(8)YC1, 12.3(8)YG y 12.4, con soporte de voz y sin el Session Initiated Protocol (SIP) configurado, permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de un paquete manipulado al puerto 5060/UDP. • http://secunia.com/advisories/23978 http://securitytracker.com/id?1017575 http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml http://www.kb.cert.org/vuls/id/438176 http://www.securityfocus.com/bid/22330 http://www.vupen.com/english/advisories/2007/0428 https://exchange.xforce.ibmcloud.com/vulnerabilities/31990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5138 •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." La propiedad Data-link Switching (DLSw) en Cisco IOS 11.0 hata 12.4 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) mediante "un valor inválido en un mensaje DLSw... durante el intercambio de habilidades". • http://osvdb.org/32683 http://secunia.com/advisories/23697 http://securitytracker.com/id?1017498 http://www.cisco.com/warp/public/707/cisco-sa-20070110-dlsw.shtml http://www.securityfocus.com/bid/21990 http://www.vupen.com/english/advisories/2007/0139 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5714 •

CVSS: 10.0EPSS: 2%CPEs: 228EXPL: 0

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. Cisco IOS 12.2 hasta 12.4 anteriores al 20/09/2006, usados por Cisco IAD2430, IAD2431, y IAD2432 Integrated Access Devices, el VG224 Analog Phone Gateway, y el MWR 1900 y 1941 Mobile Wireless Edge Routers, está identificado de forma incorrecta como soporte DOCSIS, lo que permiet a un atacante remoto conseguir acceso lectura-escritura a través de una secuencia de hard-coded cable-docsis y leer o modificar variables SNMP de su elección. • http://secunia.com/advisories/21974 http://securitytracker.com/id?1016899 http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml http://www.kb.cert.org/vuls/id/123140 http://www.osvdb.org/29034 http://www.securityfocus.com/bid/20125 http://www.vupen.com/english/advisories/2006/3722 https://exchange.xforce.ibmcloud.com/vulnerabilities/29054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5665 •

CVSS: 7.8EPSS: 8%CPEs: 2EXPL: 0

The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. El VLAN Trunking Protocol (VTP) característico en Cisco IOS 12.1(19) y CatOS permite a un atacante remoto provocar una denegación de servicio con el envío de una actualización de VTP con un valor de revisión de 0x7FFFFFFF, el cual se incrementa a 0x80000000 y es interpretado como un número negativo en un contexto de señales. • http://secunia.com/advisories/21896 http://secunia.com/advisories/21902 http://securitytracker.com/id?1016843 http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml http://www.kb.cert.org/vuls/id/175148 http://www.osvdb.org/28776 http://www.phenoelit.de/stuff/CiscoVTP.txt http://www.securityfocus.com/archive/1/445896/100/0/threaded http://www.securityfocus.com/archive/1/445938/100/0/threaded http://www.securityfocus.com/bid/19998 http://www.vupen& • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 44%CPEs: 1EXPL: 0

Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. Desbordamiento de búfer basado en montón en la VLAN Trunking Protocol (VTP) característico de Cisco IOS 12.1(19), permite a un atacante remoto ejecutar código de su elección a través de un nombre largo de VLAN en un anuncio resumen de VTP tipo 2. • http://secunia.com/advisories/21896 http://securitytracker.com/id?1016843 http://www.cisco.com/warp/public/707/cisco-sr-20060913-vtp.shtml http://www.kb.cert.org/vuls/id/542108 http://www.osvdb.org/28777 http://www.phenoelit.de/stuff/CiscoVTP.txt http://www.securityfocus.com/archive/1/445896/100/0/threaded http://www.securityfocus.com/archive/1/445938/100/0/threaded http://www.securityfocus.com/bid/19998 http://www.vupen.com/english/advisories/2006/3600 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •