Ios Security Vulnerabilities and Issues — Ios CVE List

Lucene search

CiscoIos

18 matches found

CVE•added 2008/09/26 4:21 p.m.•81 views

CVE-2008-3805

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UD...

8.5CVSS6.6AI score0.01602EPSS

CVE•added 2008/09/26 4:21 p.m.•65 views

CVE-2008-2739

The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447.

7.8CVSS6.6AI score0.87602EPSS

CVE•added 2008/09/26 4:21 p.m.•49 views

CVE-2008-3800

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS

CVE•added 2008/09/26 4:21 p.m.•48 views

CVE-2008-3806

8.5CVSS6.7AI score0.01602EPSS

CVE•added 2008/09/26 4:21 p.m.•46 views

CVE-2008-3804

Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used.

7.1CVSS6.4AI score0.02057EPSS

CVE•added 2008/09/26 4:21 p.m.•45 views

CVE-2008-3807

Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.

9.3CVSS6.4AI score0.0251EPSS

CVE•added 2008/09/26 4:21 p.m.•44 views

CVE-2008-3801

7.1CVSS6.4AI score0.01935EPSS

CVE•added 2008/09/26 4:21 p.m.•43 views

CVE-2008-3813

Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.

7.8CVSS6.4AI score0.01255EPSS

CVE•added 2008/09/26 4:21 p.m.•42 views

CVE-2008-3799

Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages.

7.8CVSS6.5AI score0.01255EPSS

CVE•added 2008/09/26 4:21 p.m.•42 views

CVE-2008-3811

Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810.

7.8CVSS6.4AI score0.01918EPSS

CVE•added 2008/09/26 4:21 p.m.•41 views

CVE-2008-3798

Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.

7.8CVSS6.4AI score0.01255EPSS

CVE•added 2008/09/26 4:21 p.m.•41 views

CVE-2008-3809

Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.

7.1CVSS6.5AI score0.0146EPSS

CVE•added 2008/09/26 4:21 p.m.•41 views

CVE-2008-3812

Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.

7.1CVSS6.5AI score0.0146EPSS

CVE•added 2008/09/26 4:21 p.m.•39 views

CVE-2008-3808

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.

7.8CVSS6.3AI score0.01672EPSS

CVE•added 2008/09/26 4:21 p.m.•38 views

CVE-2008-3802

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability ...

7.1CVSS6.4AI score0.01935EPSS

CVE•added 2008/09/26 4:21 p.m.•38 views

CVE-2008-3803

A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

5.1CVSS6.4AI score0.01514EPSS

CVE•added 2008/09/26 4:21 p.m.•37 views

CVE-2008-3810

Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.

7.8CVSS6.4AI score0.01918EPSS

CVE•added 2008/09/18 8:0 p.m.•32 views

CVE-2008-4128

Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "ali...

9.3CVSS8AI score0.01525EPSS