Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:cisco:ios:12.0\(11\)sc:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-5017 |
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. Published: April 23, 2014; 7:52:59 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2012-5032 |
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641. Published: April 23, 2014; 7:52:59 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2012-4658 |
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447. Published: April 23, 2014; 7:52:59 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-5014 |
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436. Published: April 23, 2014; 7:52:59 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.3 MEDIUM |
CVE-2012-4651 |
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451. Published: April 23, 2014; 7:52:59 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-3918 |
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317. Published: April 23, 2014; 7:52:59 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2014-2143 |
The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun31021. Published: April 04, 2014; 11:10:37 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-2124 |
Cisco IOS 15.1(2)SY3 and earlier, when used with Supervisor Engine 2T (aka Sup2T) on Catalyst 6500 devices, allows remote attackers to cause a denial of service (device crash) via crafted multicast packets, aka Bug ID CSCuf60783. Published: March 20, 2014; 9:04:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2013-6693 |
The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345. Published: November 21, 2013; 8:55:04 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
CVE-2013-6686 |
The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568. Published: November 17, 2013; 10:55:06 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2013-5552 |
Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143. Published: November 13, 2013; 10:55:03 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2011-2059 |
The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219. Published: October 21, 2011; 10:59:19 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-4687 |
STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552. Published: January 07, 2011; 2:00:20 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2010-4686 |
CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950. Published: January 07, 2011; 2:00:20 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-4685 |
Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031. Published: January 07, 2011; 2:00:20 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2010-4684 |
Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877. Published: January 07, 2011; 2:00:20 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2010-4683 |
Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733. Published: January 07, 2011; 2:00:20 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-5040 |
CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. Published: January 07, 2011; 2:00:16 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-5039 |
Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. Published: January 07, 2011; 2:00:16 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2009-5038 |
Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. Published: January 07, 2011; 2:00:02 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |