Summary
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2008-03-27 |
| Product | Cisco Ios | Last view | 2015-06-23 |
| Version | Type | Os | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.8 | 2015-06-23 | CVE-2015-4204 | Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices allows remote authenticated users to cause a denial of service (memory consumption or PXF process crash) by sending docsIfMCmtsMib SNMP requests quickly, aka Bug ID CSCue65051. |
| 7.1 | 2009-03-27 | CVE-2009-0634 | Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337. |
| 7.1 | 2009-03-27 | CVE-2009-0633 | Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220. |
| 9 | 2009-03-27 | CVE-2009-0628 | Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. |
| 5.1 | 2008-03-27 | CVE-2008-1156 | Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. |
| 7.1 | 2008-03-27 | CVE-2008-1153 | Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. |
| 7.8 | 2008-03-27 | CVE-2008-1152 | The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (2) | CWE-399 | Resource Management Errors |
| 40% (2) | CWE-200 | Information Exposure |
| 20% (1) | CWE-16 | Configuration |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:5860 | Cisco IOS UDP for IPv4/IPv6 Unspecified Vulnerability |
| oval:org.mitre.oval:def:5648 | Cisco IOS Multicast Virtual Private Network Information Leakage Vulnerability |
| oval:org.mitre.oval:def:5821 | Cisco IOS Data-link Switching (DLSw) Unspecified DoS Vulnerability |
| oval:org.mitre.oval:def:12092 | Cisco IOS Memory leak in the SSLVPN |
| oval:org.mitre.oval:def:12290 | Cisco IOS Mobile IP NAT and IPv6 |
| oval:org.mitre.oval:def:12043 | Cisco IOS Software Mobile IP and Mobile IPv6 |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 53131 | Cisco IOS SSLVPN Feature Abnormal SSL Session Termination Remote Memory Consu... |
| 53129 | Cisco IOS Mobile IP NAT Traversal MIPv6 Packet Handling Remote DoS |
| 53128 | Cisco IOS Mobile IPv6 Subsystem MIPv6 Packet Handling Remote DoS |
| 53127 | Cisco IOS Mobile IP NAT Traversal Home Agent (HA) Implementation ICMP Packet ... |
| 53126 | Cisco IOS Mobile IPv6 Subsystem Home Agent (HA) Implementation ICMP Packet Ha... |
| 43798 | Cisco IOS Multicast Virtual Private Network (MVPN) Crafted MDT Data Join Mess... |
| 43797 | Cisco IOS Crafted IPv6 UDP Delivery Remote DoS |
| 43796 | Cisco IOS Data-link Switching (DLSw) UDP Packet Handling Unspecified Remote DoS |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-06-05 | Name : Ubuntu USN-743-1 (gs-gpl) File : nvt/ubuntu_743_1.nasl |
| 2009-06-05 | Name : Ubuntu USN-744-1 (lcms) File : nvt/ubuntu_744_1.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20080326-IPv4IPv6http.nasl - Type: ACT_GATHER_INFO |
| 2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20080326-dlswhttp.nasl - Type: ACT_GATHER_INFO |
| 2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20080326-mvpnhttp.nasl - Type: ACT_GATHER_INFO |
| 2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20090325-mobileiphttp.nasl - Type: ACT_GATHER_INFO |
| 2010-09-01 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20090325-webvpnhttp.nasl - Type: ACT_GATHER_INFO |
