Vulnerabilities > Cisco > IOS XR > 3.8.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-30 | CVE-2010-3035 | Improper Input Validation vulnerability in Cisco IOS XR Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211. | 5.0 |
2009-08-21 | CVE-2009-2056 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS XR Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. | 3.3 |
2009-08-21 | CVE-2009-1154 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XR Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. | 3.3 |