CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-5545
https://notcve.org/view.php?id=CVE-2013-5545
31 Oct 2013 — The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936. La implementación PPTP ALG en Cisco IOS XE 3.9 anterior a 3.9.2S de dispositivos 1000 ASR permite a atacantes remotos provocar una denegación de servicio (recarga dispositivo) mediante el envío de varios paquetes PPTP sobre NAT, también conocido como Bug ID CSCuh19936. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-5547
https://notcve.org/view.php?id=CVE-2013-5547
31 Oct 2013 — Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending malformed EoGRE packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCuf08269. Vulnerablidad en Cisco IOS XE 3.9 antes 3.9.2S en dispositivos ASR 1000 permite a atacantes remotos provocar una denegación de servicio (recarga del dispositivo) mediante el envío de paquetes malformados EoGRE sobre (1) IPv4 o (2) IPv6, también conocido como Bug ID CSCuf08269. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 1%CPEs: 566EXPL: 0CVE-2013-0149
https://notcve.org/view.php?id=CVE-2013-0149
03 Aug 2013 — The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSC... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2011-2059
https://notcve.org/view.php?id=CVE-2011-2059
22 Oct 2011 — The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. El componente IPv6 en Cisco IOS anterior a v15.1(4)M1.3 permite a atacantes remotos a realizar ataques para la obtención de datos del servidor (fingerpri... • http://blogs.cisco.com/security/1999tcp-redux-the-ipv6-flavor • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5038
https://notcve.org/view.php?id=CVE-2009-5038
07 Jan 2011 — Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. Cisco IOS en versiones anteriores a la 15.0(1)XA no maneja apropiadamente el tráfico IRC durante un periodo de tiempo específico después de una recarga inicial, lo que permite a atacantes remotos provocar... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-5039
https://notcve.org/view.php?id=CVE-2009-5039
07 Jan 2011 — Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. Pérdida de memoria en la función gk_circuit_info_do_in_acf en la implementación H.323 en Cisco IOS antes de v15.0(1)XA permite a atacantes remotos provocar una denegación de servicio (consumo... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 6.8EPSS: 0%CPEs: 1550EXPL: 0CVE-2009-5040
https://notcve.org/view.php?id=CVE-2009-5040
07 Jan 2011 — CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. CallManager Express (CME) en Cisco IOS en versiones anteriores a la 15.0(1)XA permite a usuarios autenticados remotos provocar una denegación de servicio (caída del dispositivo) haciendo que un teléfono "extension mobility" (EM) interactúe con el menu de cambios ... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4683
https://notcve.org/view.php?id=CVE-2010-4683
07 Jan 2011 — Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733. Fuga de memoria en Cisco IOS anterior a v15.0(1)XA5 podría permitir a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante el envío de un mensaje SIP REGISTER sobre UDP, también conocido como bug id CSCtg41733. • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4684
https://notcve.org/view.php?id=CVE-2010-4684
07 Jan 2011 — Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877. Cisco IOS anterior a 15.0(1)XA1, cuando ciertos TFTP de depuración está activados, permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de una copia TFTP a través de IPv6, el fallo también conocido como ID CSCtb28877. • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4685
https://notcve.org/view.php?id=CVE-2010-4685
07 Jan 2011 — Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031. Cisco IOS anterior a v15.0(1)XA1 no borra la caché de clave pública en caso de cambio a un mapa de certificado, que permite a usuarios remotos autenticados evitar la prohibición del certificado mediante la conexión con un certificado prohibido que h... • http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf • CWE-295: Improper Certificate Validation •