CVSS: 7.5EPSS: 0%CPEs: 304EXPL: 0CVE-2009-2873
https://notcve.org/view.php?id=CVE-2009-2873
28 Sep 2009 — Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. Cisco IOS v12.0 hasta 12.4, cuando está habilitada la funcionalidad de túnel basado en IP y el Cisco Express Forwarding, permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) mediante paquetes deformados, también conocido como Bug ID CSCsx70889. • http://osvdb.org/58334 •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2009-2049
https://notcve.org/view.php?id=CVE-2009-2049
30 Jul 2009 — Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. Cisco IOS v12.0(32)S12 hasta v12.0(32)S13 y v12.0(33)S3 ha... • http://secunia.com/advisories/36046 • CWE-16: Configuration •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2009-1168
https://notcve.org/view.php?id=CVE-2009-1168
30 Jul 2009 — Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. Cisco IOS v12.0(32)S12 hasta v12.... • http://secunia.com/advisories/36046 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 17%CPEs: 2EXPL: 2CVE-2009-1220 – Cisco ASA Appliance 7.x/8.0 WebVPN - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2009-1220
01 Apr 2009 — Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header. Una vulnerabilidad de tipo cross-site scripting (XSS) en archivo +webvpn+/index.html en el WebVPN en los Adaptive Security Appliances (ASA) 5520 de Cisco co... • https://www.exploit-db.com/exploits/32878 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 310EXPL: 0CVE-2009-0630
https://notcve.org/view.php?id=CVE-2009-0630
27 Mar 2009 — The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows re... • http://secunia.com/advisories/34438 •
CVSS: 7.8EPSS: 1%CPEs: 310EXPL: 0CVE-2009-0636
https://notcve.org/view.php?id=CVE-2009-0636
27 Mar 2009 — Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. Vulnerabilidad no especificada en Cisco IOS v12.0 hasta v12.4, cuando están habilitados los servicios de voz SIP, permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) mediante un mensaje SIP válido. • http://secunia.com/advisories/34438 •
CVSS: 7.8EPSS: 1%CPEs: 310EXPL: 0CVE-2009-0631
https://notcve.org/view.php?id=CVE-2009-0631
27 Mar 2009 — Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. Vulnerabilidad no especificada en Cisco IOS v12.0 hasta v12.4, cuando se ha configurado con (1) IP Service Level Agreements (SLAs... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90426.shtml •
CVSS: 6.1EPSS: 10%CPEs: 284EXPL: 2CVE-2008-3821 – Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3821
16 Jan 2009 — Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el servidor HTTP en Cisco IOS v11.0 hasta v12.4, permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante (1) la cadena query al programa ... • https://www.exploit-db.com/exploits/32723 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2049EXPL: 1CVE-2008-4609
https://notcve.org/view.php?id=CVE-2008-4609
20 Oct 2008 — The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. La implementación del protocolo TCP en (1) Linux, (2) plataformas basadas en BSD Unix, (3) Microsoft Windows, (4) productos Cisco, y probablemente otros sistemas operativos, p... • https://github.com/mrclki/sockstress • CWE-16: Configuration •
CVSS: 7.5EPSS: 1%CPEs: 204EXPL: 0CVE-2008-3809
https://notcve.org/view.php?id=CVE-2008-3809
26 Sep 2008 — Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. Vulnerabilidad en dispositivos Gigabit Switch Router (GSR),(aka 12000 Series routers), de Cisco IOS v12.0 a v12.4. Permite a atacantes de control remoto causar denegación de servicio (reinicio de dispositivo) a través de paquetes Multidifusión de Protocolo Independiente (Protocol Independ... • http://secunia.com/advisories/31990 •