16 matches found
CVE-2017-12231
A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the improper translation of H.323...
CVE-2017-12233
Multiple vulnerabilities in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerabilities are due to the...
CVE-2016-6415
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request, aka Bu...
Design/Logic Flaw
The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service memory consumption or device reload via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494...
CVE-2012-4618
The CVE-2012-4618 issue affects Cisco IOS Software Network Address Translation NAT with the SIP ALG feature. The vulnerability arises when SIP payloads are translated for in-transit packets, causing a denial of service that can trigger a device reload. Affected IOS versions noted in the sources i...
CVE-2012-3923
The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of service device crash via a session involving a PPP over ATM PPPoA interface, aka...
CVE-2012-1327
Cisco IOS versions affected by CVE-2012-1327 are 12.3, 12.4, 15.0, and 15.1. The flaw is in dot11t/t_if_dot11_hal_ath.c and can be exploited remotely to trigger an assertion failure and device reboot via 802.11 wireless traffic, as demonstrated by a video call from iOS 5.0 on an iPhone 4S (Bug ID...
CVE-2011-3279
The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service device reload via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219...
CVE-2011-3277
CVE-2011-3277 affects Cisco IOS NAT implementation (12.1–12.4, 15.0–15.1) and IOS-XE 3.1.xSG. The issue arises from NAT handling of H.323 traffic on TCP/1720, enabling remote attackers to cause a DoS (device reload). Cisco’s advisory notes multiple NAT DoS vectors (including H.323), with mitigati...
CVE-2011-0946
CVE-2011-0946 involves a vulnerability in Cisco IOS/NAT where NAT for NetMeeting Directory (LDAP) can be triggered by malformed LDAP traffic, causing a DoS (device reload or hang). Affected are Cisco IOS releases 12.1–12.4 and 15.0–15.1, plus IOS XE 3.1.xSG. The weakness is within the NAT transla...
CVE-2009-0470
Multiple cross-site scripting XSS vulnerabilities in the HTTP server in Cisco IOS 12.423 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to the default URI under 1 level/15/exec/-/ or 2 exec/, a different vulnerability than CVE-2008-3821...
CVE-2008-2739
The SERVICE.DNS signature engine in the Intrusion Prevention System IPS in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service device crash or hang via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447...
PT-2008-5158 · Cisco · Cisco Ios
Name of the Vulnerable Software and Affected Versions: Cisco IOS versions 12.2 and 12.4 Description: The issue is related to a Denial of Service DoS attack from specially crafted packets in the Multi Protocol Label Switching MPLS Forwarding Infrastructure MFI in Cisco IOS. This can cause memory...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via 1 a certain "show privilege" command to the /level/15/exec/- URI, and 2 a certain "alias...
Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service
Cisco IOS 12.3 - Show IP BGP Regexp Remote Denial of Service source: https://www.securityfocus.com/bid/25352/info Cisco IOS is prone to a remote denial-of-service vulnerability because the software fails to properly handle certain CLI commands. To issue commands that trigger this vulnerability,...
Code injection
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service device crash via a malformed SIP packet, aka 1 CSCsf11855, 2 CSCeb21064, 3 CSCse40276, 4 CSCse68355, 5 CSCsf30058, 6 CSCsb24007, and 7 CSCsc60249...