CVSS: 6.8EPSS: 0%CPEs: 1550EXPL: 0CVE-2009-5040
https://notcve.org/view.php?id=CVE-2009-5040
07 Jan 2011 — CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. CallManager Express (CME) en Cisco IOS en versiones anteriores a la 15.0(1)XA permite a usuarios autenticados remotos provocar una denegación de servicio (caída del dispositivo) haciendo que un teléfono "extension mobility" (EM) interactúe con el menu de cambios ... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4686
https://notcve.org/view.php?id=CVE-2010-4686
07 Jan 2011 — CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950. CallManager Express (CME) en Cisco IOS anteriores a v15.0(1)XA1 no maneja adecuadamente el tráfico SIP TRUNK que contiene las ráfagas y una tamaño de petición "peculiar", que permite a atacantes remotos pro... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5039
https://notcve.org/view.php?id=CVE-2009-5039
07 Jan 2011 — Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. Pérdida de memoria en la función gk_circuit_info_do_in_acf en la implementación H.323 en Cisco IOS antes de v15.0(1)XA permite a atacantes remotos provocar una denegación de servicio (consumo... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4687
https://notcve.org/view.php?id=CVE-2010-4687
07 Jan 2011 — STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552. STCAPP (también conocido como la aplicación de control de telefonía SCCP) en Cisco IOS anteriores a v15.0(1)XA1 no maneja adecuadamente múltiples llamadas a una línea compartida, que permite ... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 2CVE-2010-4671
https://notcve.org/view.php?id=CVE-2010-4671
07 Jan 2011 — The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534. La implementación del protocolo Neighbor Discovery (ND) en la pila de IPv6 en Cisco IOS anterior a v15.0(1)XA5 permite a atacantes remotos provocar... • http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 235EXPL: 0CVE-2010-2834
https://notcve.org/view.php?id=CVE-2010-2834
23 Sep 2010 — Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987. Cisco IOS v12.2 hasta v12.4 y v15.0 hasta v15.1, Cisco IOS XE v2.5.x y v2.6.x anterior a v2.6.1, y Cis... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml •
CVSS: 7.8EPSS: 0%CPEs: 232EXPL: 0CVE-2010-2835
https://notcve.org/view.php?id=CVE-2010-2835
23 Sep 2010 — Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358. Cisco IOS v12.2 hasta v12.4 y v15.0 hasta v15.1... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml •
CVSS: 7.8EPSS: 0%CPEs: 195EXPL: 0CVE-2010-2832
https://notcve.org/view.php?id=CVE-2010-2832
23 Sep 2010 — Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. Vulnerabilidad no especificada en NAT para la implementación H.323 en Cisco IOS v12.1 hasta v12.4 y v15.0 hasta v15.1 permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) mediante tráfico de tránsito, también conocido como fallo ID CSCtf91428. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a311.shtml •
CVSS: 7.8EPSS: 0%CPEs: 195EXPL: 0CVE-2010-2831
https://notcve.org/view.php?id=CVE-2010-2831
23 Sep 2010 — Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. Vulnerabilidad no especificada en NAT para la implementación SIP en Cisco IOS v12.1 hasta v12.4 y v15.0 hasta v15.1 permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) mediante tráfico de tránsito sobre el puerto UDP 5060, también... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a311.shtml •
CVSS: 7.8EPSS: 0%CPEs: 195EXPL: 0CVE-2010-2833
https://notcve.org/view.php?id=CVE-2010-2833
23 Sep 2010 — Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. Vulnerabilidad no especificada en NAT para la implementación H.225.0 en Cisco IOS v12.1 hasta v12.4 y v15.0 hasta v15.1 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) mediante tráfico de tránsito, también conocido como fallo ID CSCtd86472. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a311.shtml •