Cisco Ios 12.4xw

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summuary
CPE Name	cpe:/h:cisco:ios:12.4xw

	Date	Alert	Access Vector	Access Complexity	Authentification
7.1	2009-03-27	CVE-2009-0637	Network	High	Requires ...
5.4	2009-03-27	CVE-2009-0629	Network	High	None Requ...
4.3	2009-01-16	CVE-2008-3821	Network	Medium	None Requ...
7.8	2008-09-26	CVE-2008-3813	Network	Low	None Requ...
7.1	2008-09-26	CVE-2008-3812	Network	Medium	None Requ...
Hide \| Show 1 More...

	Date	Alert	Access Vector	Access Complexity	Authentification
7.1	2008-09-26	CVE-2008-3802	Network	Medium	None Requ...

%	id	Name
50% (1)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
50% (1)	CWE-20	Improper Input Validation

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Name
CAPEC-3	Using Leading 'Ghost' Character Sequences to Bypass Input Filters
CAPEC-7	Blind SQL Injection
CAPEC-8	Buffer Overflow in an API Call
CAPEC-9	Buffer Overflow in Local Command-Line Utilities
CAPEC-10	Buffer Overflow via Environment Variables
Hide \| Show 20 More...

id	Name
CAPEC-13	Subverting Environment Variable Values
CAPEC-14	Client-side Injection-induced Buffer Overflow
CAPEC-18	Embedding Scripts in Nonscript Elements
CAPEC-22	Exploiting Trust in Client (aka Make the Client Invisible)
CAPEC-24	Filter Failure through Buffer Overflow
CAPEC-28	Fuzzing
CAPEC-31	Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-32	Embedding Scripts in HTTP Query Strings
CAPEC-42	MIME Conversion
CAPEC-43	Exploiting Multiple Input Interpretation Layers
CAPEC-45	Buffer Overflow via Symbolic Links
CAPEC-46	Overflow Variables and Tags
CAPEC-47	Buffer Overflow via Parameter Expansion
CAPEC-52	Embedding NULL Bytes
CAPEC-53	Postfix, Null Terminate, and Backslash
CAPEC-63	Simple Script Injection
CAPEC-64	Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-66	SQL Injection
CAPEC-67	String Format Overflow in syslog()
CAPEC-71	Using Unicode Encoding to Bypass Validation Logic

OvalID	Name
oval:org.mitre.oval:def:5889	Cisco IOS Session Initiation Protocol Denial of Service Vulnerability
oval:org.mitre.oval:def:5302	Cisco IOS Firewall Application Inspection Control Vulnerability
oval:org.mitre.oval:def:5362	Cisco IOS Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability

id	Description
53136	Cisco IOS Multiple Functionality Crafted TCP Packet Sequence Remote DoS
53132	Cisco IOS SCP Server Role-based CLI Access Attached CLI View Remote File Mani...
51394	Cisco IOS HTTP Server URL Strings Unspecified XSS
51393	Cisco IOS HTTP Server /ping Script XSS
48734	Cisco IOS Firewall Application Inspection Control (AIC) Malformed HTTP Transi...
Hide \| Show 2 More...

id	Description
48733	Cisco IOS Crafted Layer 2 Tunneling Protocol (L2TP) Packet Remote DoS
48716	Cisco IOS SIP Packet Handling Unspecified Remote DoS (3802)