CVE-2012-3073
https://notcve.org/view.php?id=CVE-2012-3073
The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338. La implementación IP en Cisco TelePresence Multipoint Switch anterior a v1.8.1, Cisco TelePresence Manager anterior a v1.9.0, y Cisco TelePresence Recording Server v1.8 y anteriores permite a atacantes remotos causar una denegación de servicio mediante (1) un paquete IP mal formado, (2) una elevada cantidad de conexiones TCP, o (3) una elevada cantidad de conexiones de finalización TCP, cambien conocido como bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, y CSCty11338. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman •
CVE-2012-2486
https://notcve.org/view.php?id=CVE-2012-2486
The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953. La implementación del protocolo Cisco Discovery Protocol (CDP) en Cisco TelePresence Multipoint Switch anterior a v1.9.0, Cisco TelePresence Immersive Endpoint Devices anterior a v1.9.1, Cisco TelePresence Manager anterior a v1.9.0, y Cisco TelePresence Recording Server anterior a v1.8.1 permite a atacantes remotos ejecutar código arbitrario mediante el envío de paquetes CDP mal formados, también conocido como Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, y CSCtz40953. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctrs http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-0380
https://notcve.org/view.php?id=CVE-2011-0380
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to bypass authentication and invoke arbitrary methods via a malformed SOAP request, aka Bug ID CSCtc59562. Cisco TelePresence Manager v1.2.x hasta v1.6.x permite a atacantes remotos evitar la autenticación e invocar métodos arbitrarios a través de una solicitud SOAP manipulada, tambien conocido como error ID CSCtc59562. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtml http://www.securityfocus.com/bid/46526 http://www.securitytracker.com/id?1025111 https://exchange.xforce.ibmcloud.com/vulnerabilities/65618 • CWE-287: Improper Authentication •
CVE-2011-0381
https://notcve.org/view.php?id=CVE-2011-0381
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified actions and consequently execute arbitrary code via a crafted request to the Java RMI interface, related to a "command injection vulnerability," aka Bug ID CSCtf97085. Cisco TelePresence Manager v1.2.x hasta v1.6.x permite a atacantes remotos realizar acciones no especificadas y ejecutar código arbitrario a través de una petición manipulada a la interfaz Java RMI, relacionado con una "vulnerabilidad de inyección de comandos", también conocido como error ID CSCtf97085 • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtml http://www.securityfocus.com/bid/46526 http://www.securitytracker.com/id?1025111 https://exchange.xforce.ibmcloud.com/vulnerabilities/65619 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2011-0379
https://notcve.org/view.php?id=CVE-2011-0379
Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. Desbordamiento de búfer en dispositivos Cisco Adaptive Security Appliances (ASA) 5500 con el software v1.6.x; Cisco TelePresence Multipoint Switch (CTMS) con software v1.0.x, v1.1.x, v1.5.x, y v1.6.x; Cisco TelePresence endpoint con software v1.2.x hasta v1.6.x; y Cisco TelePresence Manager v1.2.x, v1.3.x, v1.4.x, v1.5.x, y v1.6.2 permite a atacantes remotos ejecutar código arbitrario mediante un paquete Cisco Discovery Protocol, también conocido como error IDs CSCtd75769, CSCtd75766, CSCtd75754, y CSCtd75761. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14f.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e152.shtml http://www.securitytracker.com/id?1025111 http://www.securitytracker.com/id?1025112 http://www.securitytracker.com/id?1025113 http://www.securitytracker.com/id?1025114 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •