6 matches found
CVE-2015-4227
Cisco Headend System Releases contains a memory-leak DoS vulnerability (CVE-2015-4227) exploitable by an unauthenticated, remote attacker. The issue can be triggered via crafted content with the attacker potentially requiring access to trusted internal networks; impact is denial of service throug...
CVE-2015-4230
Cisco Headend System Releases are affected by CVE-2015-4230 due to a memory leak that can be exploited remotely to cause a denial of service (memory consumption). The issue is exploitable over network with no authentication required, per CVE details and Cisco security advisory indicating no softw...
CVE-2015-0745
CVE-2015-0745 affects Cisco Headend System Release. The issue stems from improper input validation of HTTP request headers, allowing remote unauthenticated attackers to craft requests (via URL manipulation) to read temporary script or archive files and obtain sensitive information. Impact is info...
CVE-2015-0744
The CVE affects Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release. It is caused by a lack of rate limiting in the TCP listener, enabling an unauthenticated remote attacker to trigger a denial-of-service via a TCP flood (e.g., SYN flood) that can exhaust CPU/memory and disr...
CVE-2015-0747
CVE-2015-0747 affects Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release. A remote attacker can inject arbitrary cookies by sending a crafted HTTP request due to improper input validation of an HTTP header, potentially taking control of an HTTP session. Cisco’s advisory confirms ...
CVE-2015-0743
Cisco Headend System Release UDP DoS vulnerability (CVE-2015-0743) can be exploited remotely by sending crafted UDP traffic to TFTP and DHCP ports, causing outages. The root cause involves a specific UDP traffic pattern and high volume that can overwhelm the affected ports. Affected product is Ci...