9 matches found
EUVD-2015-4344
Malware in sbrugna...
CVE-2015-4321
The Unicast Reverse Path Forwarding uRPF implementation in Cisco Adaptive Security Appliance ASA Software 9.31.50, 9.32.100, 9.33, and 9.41 mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF...
CVE-2015-4321
Cisco ASA uRPF Bypass (CVE-2015-4321) affects ASA 9.3(1.50–3) and 9.4(1). The issue arises when an IP address belongs to an internal interface and also appears in the routing table, allowing spoofed packets to bypass uRPF validation due to insufficient input validation. Impact is bypass of uRPF c...
CVE-2015-4321
The Unicast Reverse Path Forwarding uRPF implementation in Cisco Adaptive Security Appliance ASA Software 9.31.50, 9.32.100, 9.33, and 9.41 mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF...
Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass Vulnerability
A vulnerability in the Unicast Reverse Path Forwarding uRPF feature in the Cisco Adaptive Security Appliance ASA could allow an unauthenticated, remote attacker to bypass the uRPF validation checks. The vulnerability is due to incorrect uRPF validation where IP packets from an outside interface,...
Cisco IOS XR Typhoon-based Line Cards and Network Processor (NP) Chip DoS
The remote Cisco device is running a version of Cisco IOS XR software that is affected by an error due to the improper processing of IPv4 packets routed through the bridge-group virtual interface BVI whenever Unicast Reverse Path Forwarding uRPF, policy-based routing PBR, quality of service QoS, ...
CVE-2015-0695
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface BVI traffic, which allows remote attackers to cause a denial of service chip and card hangs and reloads by triggering use of a BVI interface...
CVE-2015-0695
Cisco IOS XR Software on ASR 9000 (4.3.4–5.3.0) with uRPF, PBR, QoS, or ACLs enabled is vulnerable to BVI traffic handling flaw in the packet-processing path. The issue can allow a remote, unauthenticated attacker to cause a lockup and eventual reload of the network processor chip and line card w...
Cisco IOS特制TCP报文远程拒绝服务漏洞
Cisco IOS是Cisco设备所使用的操作系统。 Cisco IOS在处理特定畸形的TCP报文时存在漏洞,远程攻击者可能利用此漏洞对设备执行拒绝服务攻击,导致设备耗尽所有内存无法正常工作。 如果将Cisco IOS设备配置为接收TCP报文的话,则发送给Cisco IOS设备物理或虚拟接口IPv4地址的特制报文就可能导致泄漏少量的内存。这种内存泄漏可能造成耗尽内存资源,降低系统的性能。 请注意攻击者无需完成TCP三重握手就可以触发这个漏洞,因此伪造源址的TCP报文也可以完成攻击。这个漏洞仅适用于目标为Cisco IOS设备的通讯,穿越Cisco IOS设备的通讯不会触发这个漏洞。...