Lucene search

K
CiscoIos12.3

74 matches found

CVE
CVE
added 2008/10/20 5:59 p.m.486 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.63 views

CVE-2010-0585

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CS...

7.8CVSS6.8AI score0.00602EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.63 views

CVE-2014-2109

The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.

7.8CVSS6.6AI score0.01117EPSS
CVE
CVE
added 2007/10/12 1:17 a.m.62 views

CVE-2007-5381

Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session...

9.3CVSS8AI score0.63694EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.61 views

CVE-2011-3280

Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.

7.8CVSS7.3AI score0.00459EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.60 views

CVE-2007-4285

Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a ...

9CVSS6.6AI score0.01129EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.56 views

CVE-2011-3277

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted H.323 packets to TCP port 1720, aka Bug ID CSCth11006.

7.8CVSS7.3AI score0.00371EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.56 views

CVE-2012-0384

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access...

8.5CVSS6.8AI score0.00453EPSS
CVE
CVE
added 2005/11/03 2:2 a.m.54 views

CVE-2005-3481

Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities tha...

9.3CVSS8.1AI score0.05119EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.53 views

CVE-2007-4286

Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.

9.3CVSS7.8AI score0.6264EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.53 views

CVE-2010-0586

Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CS...

7.8CVSS6.8AI score0.00798EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.51 views

CVE-2010-2830

The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603.

7.1CVSS6.7AI score0.00399EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.50 views

CVE-2005-1057

Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."

7.5CVSS6.9AI score0.00572EPSS
CVE
CVE
added 2011/06/09 2:38 a.m.50 views

CVE-2011-2395

The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated...

5CVSS6.9AI score0.00147EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.49 views

CVE-2008-3800

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS
CVE
CVE
added 2009/01/16 9:30 p.m.49 views

CVE-2008-3821

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

4.3CVSS5.7AI score0.10639EPSS
CVE
CVE
added 2013/09/27 10:8 a.m.49 views

CVE-2013-5475

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561.

7.8CVSS6.8AI score0.00316EPSS
CVE
CVE
added 2014/03/27 9:55 p.m.49 views

CVE-2014-2111

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.

7.1CVSS6.5AI score0.00763EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.48 views

CVE-2005-0196

Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.

5CVSS6.6AI score0.03307EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.48 views

CVE-2010-0582

Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.

7.8CVSS6.7AI score0.00801EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.48 views

CVE-2011-0945

Memory leak in the Data-link switching (aka DLSw) feature in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xS before 3.1.3S and 3.2.xS before 3.2.1S, when implemented over Fast Sequence Transport (FST), allows remote attackers to cause a denial of service (memory consumption and...

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.47 views

CVE-2005-1058

Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.

7.5CVSS6.9AI score0.00572EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.47 views

CVE-2009-2866

Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.

7.8CVSS6.4AI score0.01683EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.47 views

CVE-2009-2873

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.

7.1CVSS6.6AI score0.00781EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.47 views

CVE-2012-4623

The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed D...

7.8CVSS6.7AI score0.00798EPSS
CVE
CVE
added 2005/02/13 5:0 a.m.46 views

CVE-2004-1454

Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.

5CVSS6.6AI score0.01985EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.45 views

CVE-2005-0197

Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.

6.1CVSS6.6AI score0.01157EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0576

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or proc...

7.8CVSS6.6AI score0.01653EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.45 views

CVE-2010-2832

Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.45 views

CVE-2010-2835

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers ...

7.8CVSS6.6AI score0.00371EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.44 views

CVE-2008-3801

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.44 views

CVE-2010-2828

Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.44 views

CVE-2010-2833

Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2005/02/06 5:0 a.m.43 views

CVE-2005-0186

Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.

5CVSS6.8AI score0.01327EPSS
CVE
CVE
added 2007/08/20 7:17 p.m.43 views

CVE-2007-4430

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environment...

5CVSS6.7AI score0.19904EPSS
CVE
CVE
added 2011/08/18 6:55 p.m.43 views

CVE-2011-1625

Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerabi...

5.4CVSS6.4AI score0.01542EPSS
CVE
CVE
added 2012/09/27 12:55 a.m.43 views

CVE-2012-3949

The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a den...

7.8CVSS6.6AI score0.00932EPSS
CVE
CVE
added 2005/08/03 4:0 a.m.42 views

CVE-2005-2451

Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.

2.1CVSS7.6AI score0.03036EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.42 views

CVE-2008-3799

Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.

7.8CVSS6.5AI score0.01255EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.42 views

CVE-2009-0630

The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL...

7.1CVSS6.9AI score0.00064EPSS
CVE
CVE
added 2010/09/23 7:0 p.m.42 views

CVE-2010-2829

Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567.

7.8CVSS6.8AI score0.00427EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.42 views

CVE-2011-3276

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) by sending crafted SIP packets to TCP port 5060, aka Bug ID CSCso02147.

7.8CVSS7.4AI score0.00427EPSS
CVE
CVE
added 2011/10/03 11:55 p.m.42 views

CVE-2011-3278

Unspecified vulnerability in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCti48483.

7.8CVSS7.3AI score0.00371EPSS
CVE
CVE
added 2006/02/01 2:2 a.m.41 views

CVE-2006-0485

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that w...

4.6CVSS7AI score0.00135EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.41 views

CVE-2009-0626

The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.

7.8CVSS6.5AI score0.01045EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.41 views

CVE-2012-0381

The IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload) by sending IKE UDP packets over...

7.8CVSS7.4AI score0.03518EPSS
CVE
CVE
added 2012/03/29 11:1 a.m.41 views

CVE-2012-0382

The Multicast Source Discovery Protocol (MSDP) implementation in Cisco IOS 12.0, 12.2 through 12.4, and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS through 3.4.xS before 3.4.1S and 3.1.xSG and 3.2.xSG before 3.2.2SG allows remote attackers to cause a denial of service (device reload...

7.8CVSS7.3AI score0.04545EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.40 views

CVE-2005-1020

Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues...

7.1CVSS6.7AI score0.0158EPSS
CVE
CVE
added 2006/01/21 12:3 a.m.40 views

CVE-2006-0340

Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet ...

7.1CVSS6.4AI score0.03022EPSS
CVE
CVE
added 2007/08/09 9:17 p.m.40 views

CVE-2007-4293

Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.

7.1CVSS6.7AI score0.01609EPSS
Total number of security vulnerabilities74