5 matches found
CVE-2015-6365
Cisco IOS Software CVE-2015-6365 affects IOS releases 15.2(04)M and 15.4(03)M, where physical-interface ACLs can supersede virtual PPP interface ACLs. This allows an authenticated remote user connected to a PPP session to bypass ACLs on virtual PPP interfaces and potentially pass traffic that sho...
Race condition
Race condition in the Common Classification Engine CCE in the Measurement, Aggregation, and Correlation Engine MACE implementation in Cisco IOS 15.42T3 and earlier allows remote attackers to cause a denial of service device reload via crafted network traffic that triggers improper handling of the...
Cross site scripting
The Zone-Based Firewall implementation in Cisco IOS 15.42T3 and earlier allows remote attackers to cause a denial of service device reload via crafted network traffic that triggers incorrect kernel-timer handling, aka Bug ID CSCuh25672...
Design/Logic Flaw
The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service memory consumption or device reload via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494...
Code injection
The SSL VPN aka WebVPN feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service memory consumption via crafted HTTP requests, aka Bug ID CSCuf51357...