2 results (0.010 seconds)

CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0

Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688. Condición de carrera en la implementación SSL en los dispositivos Cisco Intrusion Prevention System (IPS) permite a atacantes remotos causar una denegación de servicio al hacer muchas conexiones HTTPS de la interfaz de gestión durante la fase de la regeneración de claves de una actualización, también conocido como Bug ID CSCui25688. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0631 http://www.securityfocus.com/bid/72700 http://www.securitytracker.com/id/1031780 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.0EPSS: 4%CPEs: 3EXPL: 0

The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. La interfaz web(mainApp)para administrar a Cisco IDS nateriores a 4.1(5c), e IPS 5.0 anteriores a 5.0(6p1) y 5.1 anteriores a 5.1(2)permite a un atacante remoto provocar una denegación de servicio (dispositivo sin respuesta) a través de un paquete artesanal SSLv2 Client Hello. • http://secunia.com/advisories/22046 http://securitytracker.com/id?1016891 http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml http://www.kb.cert.org/vuls/id/642076 http://www.osvdb.org/29037 http://www.securityfocus.com/bid/20124 http://www.vupen.com/english/advisories/2006/3721 https://exchange.xforce.ibmcloud.com/vulnerabilities/29056 •