VYPR

Cisco iOS

by Cisco Systems, Inc.

CVEs (951)

  • CVE-2008-3803Sep 26, 2008
    risk 0.00cvss epss 0.03

    A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic…

  • CVE-2008-3802Sep 26, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a…

  • CVE-2008-3801Sep 26, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via…

  • CVE-2008-3800Sep 26, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via…

  • CVE-2008-3799Sep 26, 2008
    risk 0.00cvss epss 0.03

    Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.

  • CVE-2008-3798Sep 26, 2008
    risk 0.00cvss epss 0.03

    Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.

  • CVE-2008-2739Sep 26, 2008
    risk 0.00cvss epss 0.03

    The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than…

  • CVE-2008-1159May 22, 2008
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.

  • CVE-2008-1152Mar 27, 2008
    risk 0.00cvss epss 0.04

    The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.

  • CVE-2008-1150Mar 27, 2008
    risk 0.00cvss epss 0.02

    The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process…

  • CVE-2008-1151Mar 27, 2008
    risk 0.00cvss epss 0.02

    Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka…

  • CVE-2008-1153Mar 27, 2008
    risk 0.00cvss epss 0.06

    Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.

  • CVE-2008-1156Mar 27, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message.

  • CVE-2007-5651Oct 23, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on…

  • CVE-2007-5552Oct 18, 2007
    risk 0.00cvss epss 0.03

    Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a…

  • CVE-2007-5547Oct 18, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable…

  • CVE-2007-5548Oct 18, 2007
    risk 0.00cvss epss 0.00

    Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. …

  • CVE-2007-5549Oct 18, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only…

  • CVE-2007-5550Oct 18, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. …

  • CVE-2007-5551Oct 18, 2007
    risk 0.00cvss epss 0.02

    Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a…

Page 43 of 48