This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/h:cisco:ios:12.4xe
Detail
VendorCiscoFirst view 2008-09-26
ProductIosLast view 2009-03-27
Version12.4xeTypeHardware
Edition 
Language 
Update 
 
CPE Productcpe:/h:cisco:ios

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.1 2009-03-27 CVE-2009-0637 Network High Requires ...
5.4 2009-03-27 CVE-2009-0629 Network High None Requ...
4.3 2009-01-16 CVE-2008-3821 Network Medium None Requ...
7.1 2008-09-26 CVE-2008-3812 Network Medium None Requ...
7.1 2008-09-26 CVE-2008-3809 Network Medium None Requ...
Hide | Show 3 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.8 2008-09-26 CVE-2008-3808 Network Low None Requ...
7.1 2008-09-26 CVE-2008-3802 Network Medium None Requ...
7.8 2008-09-26 CVE-2008-2739 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
50% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
50% (1)CWE-20Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idName
CAPEC-3Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7Blind SQL Injection
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
Hide | Show 20 More...
idName
CAPEC-13Subverting Environment Variable Values
CAPEC-14Client-side Injection-induced Buffer Overflow
CAPEC-18Embedding Scripts in Nonscript Elements
CAPEC-22Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-28Fuzzing
CAPEC-31Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32Embedding Scripts in HTTP Query Strings
CAPEC-42MIME Conversion
CAPEC-43Exploiting Multiple Input Interpretation Layers
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-52Embedding NULL Bytes
CAPEC-53Postfix, Null Terminate, and Backslash
CAPEC-63Simple Script Injection
CAPEC-64Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66SQL Injection
CAPEC-67String Format Overflow in syslog()
CAPEC-71Using Unicode Encoding to Bypass Validation Logic

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:6058Cisco IOS IPS Denial of Service Vulnerability
oval:org.mitre.oval:def:5889Cisco IOS Session Initiation Protocol Denial of Service Vulnerability
oval:org.mitre.oval:def:5873Cisco IOS Multicast DoS Vulnerability
oval:org.mitre.oval:def:5477Cisco IOS (GSR device) Multicast DoS Vulnerability
oval:org.mitre.oval:def:5302Cisco IOS Firewall Application Inspection Control Vulnerability

Open Source Vulnerability Database (OSVDB)

idDescription
53136Cisco IOS Multiple Functionality Crafted TCP Packet Sequence Remote DoS
53132Cisco IOS SCP Server Role-based CLI Access Attached CLI View Remote File Mani...
51394Cisco IOS HTTP Server URL Strings Unspecified XSS
51393Cisco IOS HTTP Server /ping Script XSS
48738Cisco IOS Malformed Protocol Independent Multicast (PIM) Packet GSR Remote DoS
Hide | Show 4 More...
idDescription
48737Cisco IOS Crafted Protocol Independent Multicast (PIM) Packet Handling Remote...
48734Cisco IOS Firewall Application Inspection Control (AIC) Malformed HTTP Transi...
48716Cisco IOS SIP Packet Handling Unspecified Remote DoS (3802)
48711Cisco IOS Intrusion Prevention System (IPS) SERVICE.DNS Engine Signature Proc...

OpenVAS Exploits

idDescription
2009-06-05Name : Ubuntu USN-707-1 (cupsys)
File : nvt/ubuntu_707_1.nasl
2009-06-05Name : Ubuntu USN-743-1 (gs-gpl)
File : nvt/ubuntu_743_1.nasl
2009-06-05Name : Ubuntu USN-744-1 (lcms)
File : nvt/ubuntu_744_1.nasl
2009-01-20Name : Ubuntu USN-708-1 (hplip)
File : nvt/ubuntu_708_1.nasl

Nessus® Vulnerability Scanner

idDescription
2012-01-11Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sr-20090114-http.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080924-iosfwhttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080924-iosipshttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080924-multicasthttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080924-siphttp.nasl - Type : ACT_GATHER_INFO
Hide | Show 2 More...
idDescription
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20090325-scphttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20090325-tcphttp.nasl - Type : ACT_GATHER_INFO