10 matches found
CVE-2004-0079
The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...
CVE-2004-0081
CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...
CVE-2004-0112
The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...
CVE-2014-2201
Cisco NX-OS MTS on MDS 9000 (before 6.2(7)) and Nexus 7000 (before 6.0(2)) is vulnerable to a remote denial of service via a large volume of crafted traffic, caused by a NULL pointer dereference leading to kernel panic (CVE-2014-2201). Affected devices include NX-OS-based platforms; remediation r...
CVE-2013-1178
Cisco NX-OS CDP-related vulnerability (CVE-2013-1178) affects Nexus 7000/5000/5500/4000/3000, Nexus 1000V, MDS 9000, UCS 6100/6200, and CGR 1000. Multiple buffer-overflow flaws in the Cisco Discovery Protocol allow remote attackers to execute arbitrary code via malformed CDP packets. Impact is de...
CVE-2013-1180
Cisco NX-OS-based products (Nexus 7000 series on 4.x/5.x before 5.2(5) and 6.x before 6.1(1); MDS 9000 on 4.x/5.x before 5.2(5)) are affected by a buffer overflow in the SNMP implementation that allows remote authenticated users to execute arbitrary code via a crafted SNMP request (Bug CSCtx54822...
CVE-2015-6277
Cisco NX-OS ARP handling vulnerability (CVE-2015-6277) affects multiple Cisco platforms: Nexus 1000V (VMware vSphere 5.2(1)SV3(1.4)), Nexus 3000, Nexus 4000, Nexus 9000, MDS 9000 and SAN-OS NX-OS on MDS 9000. Root cause is improper input/packet-header field validation in the ARP implementation, a...
CVE-2013-1192
CVE-2013-1192 affects Cisco Device Manager (Java-based JNLP launcher) for Cisco MDS 9000 family (pre-5.2.8) and Cisco Nexus 5000. The issue enables remote attackers to execute arbitrary commands on Windows client machines via a crafted element-manager.jnlp file. Root cause: JAR-based code executi...
CVE-2005-3669
CVE-2005-3669 covers multiple unspecified vulnerabilities in the Internet Key Exchange v1 (IKEv1) implementation in Cisco products that cause a denial of service (device reset) via malformed IKE packets, demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The Cisco advisory lacks details to m...
CVE-2013-1179
CVE-2013-1179 is a Cisco NX-OS vulnerability affecting Nexus 7000 (4.x/5.x before 5.2(5)) and MDS 9000 (4.x/5.x before 5.2(5)) where 1) SNMP and 2) License Manager components contain buffer overflow flaws. The root cause is improper boundary/size handling in these subsystems, allowing remote auth...