Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:cisco:ios:12.2su:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-4671 |
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534. Published: January 07, 2011; 7:00:49 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2835 |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2834 |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2833 |
Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2832 |
Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2831 |
Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2830 |
The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2010-2829 |
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567. Published: September 23, 2010; 3:00:13 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2828 |
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759. Published: September 23, 2010; 3:00:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-0576 |
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893. Published: March 25, 2010; 5:00:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-2873 |
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. Published: September 28, 2009; 3:30:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2009-2872 |
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. Published: September 28, 2009; 3:30:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-2863 |
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. Published: September 28, 2009; 3:30:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2009-2051 |
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. Published: August 27, 2009; 1:00:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-0637 |
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command. Published: March 27, 2009; 12:30:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2009-0636 |
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. Published: March 27, 2009; 12:30:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-0630 |
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets. Published: March 27, 2009; 12:30:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2009-0629 |
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets. Published: March 27, 2009; 12:30:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.4 MEDIUM |
CVE-2009-0631 |
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. Published: March 27, 2009; 11:16:24 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2008-3821 |
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. Published: January 16, 2009; 4:30:03 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |