49 matches found
EUVD-2008-1161
Malware in sbrugna...
EUVD-2011-1625
Malware in sbrugna...
EUVD-2005-0008
Malware in sbrugna...
CVE-2011-1625
Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching DLSw feature is configured, allows remote attackers to cause a denial of service device crash by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerabili...
Cisco DLSw Information Disclosure Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'socket' class MetasploitModule 'Cisco DLSw Information Disclosure Scanner', 'Description' = %q This module implements the DLSw information disclosure retrieval...
Cisco IOS Software DLSw Information Disclosure Vulnerability
A vulnerability in the DLSw feature of Cisco IOS could allow an unauthenticated, remote attacker to extract information from previously processed packets. The vulnerability is due to the lack of initialization of packet buffers. An attacker could exploit this vulnerability by connecting to the DL...
Cisco DLSw Information Disclosure Scanner
This module implements the DLSw information disclosure retrieval. There is a bug in Cisco's DLSw implementation affecting 12.x and 15.x trains that allows an unauthenticated remote attacker to retrieve the partial contents of packets traversing a Cisco router with DLSw configured and active. This...
CVE-2014-7992
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014...
Design/Logic Flaw
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014...
CVE-2014-7992
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, aka Bug ID CSCur14014...
CVE-2014-7992
Cisco IOS DLSw Information Disclosure (CVE-2014-7992) involves uninitialized packet buffers in the DLSw feature, allowing unauthenticated remote access to previously processed packet contents via TCP port 2067. Impact could include exposure of sensitive data such as clear-text passwords and SNMP ...
Cisco IOS 指纹识别ICMPv6回应请求信息泄露漏洞
BUGTRAQ ID: 50379 CVE ID: CVE-2011-2059 Cisco的网际操作系统(IOS)是一个网际互连优化的复杂操作系统。数据流交互功能DLSw可以实现在IP网络上传输IBM SNA和网络BIOS流量。 Cisco IOS实现上存在信息泄露漏洞,通过包含有HBH扩展标头中PadN选项数据为0x0c01050c的ICMPv6 Echo请求报文,Cisco IOS中的IPv6组件允许远程攻击者执行指纹识别攻击并获取系统敏感信息。 Cisco IOS 15.x 厂商补丁: Cisco ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Cisco IOS dot1x端口处理多个远程拒绝服务漏洞
BUGTRAQ ID: 50375 CVE ID: CVE-2011-2057,CVE-2011-2058 Cisco的网际操作系统(IOS)是一个网际互连优化的复杂操作系统。数据流交互功能DLSw可以实现在IP网络上传输IBM SNA和网络BIOS流量。 Cisco IOS在处理dot1x端口时存在多个远程拒绝服务漏洞,可造成受影响设备停止响应,导致拒绝服务。 Cisco IOS 12.x 厂商补丁: Cisco ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.cisco.com/warp/public/707/advisory.h...
CVE-2011-0945
Memory leak in the Data-link switching aka DLSw feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport FST, allows remote attackers to cause a denial of service memory consumption and...
CVE-2011-0945
Summary: CVE-2011-0945 describes a memory leak in Cisco IOS Data-Link Switching (DLSw) over Fast Sequence Transport (FST) that can cause a denial of service via crafted IP protocol 91 packets. Affected software: Cisco IOS 12.1–12.4 and 15.0–15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before ...
CVE-2011-0945
Memory leak in the Data-link switching aka DLSw feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport FST, allows remote attackers to cause a denial of service memory consumption and...
Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability Advisory ID: cisco-sa-20110928-dlsw Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +---------------------------------------------------------------------...
Cisco IOS multiple security vulnerabilities
IP SLA DoS, smart install TCP/4786 code execution, memory leaks in IPS and firewall features, multiple SIP vulnerailibites, multiple protocols NAT translation DoS, multiple IPv6 DoS, DLSw DoS...
Cisco IOS Software Data-Link Switching Vulnerability (cisco-sa-20110928-dlsw)
Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching DLSw feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released free software updates that address this vulnerability. TRUSTED...
Cisco IOS Software Data-Link Switching Vulnerability
Cisco IOS Software contains a memory leak vulnerability in the Data-Link Switching DLSw feature that could result in a device reload when processing crafted IP Protocol 91 packets. Cisco has released software updates that address this vulnerability. This advisory is posted at...