Vulnerabilities > Cisco > IOS > 12.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-27 | CVE-2008-1151 | Resource Management Errors vulnerability in Cisco IOS Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566. | 7.1 |
2008-03-27 | CVE-2008-1150 | Resource Management Errors vulnerability in Cisco IOS The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309. | 7.1 |
2008-03-27 | CVE-2008-1153 | Denial Of Service vulnerability in Cisco IOS and IOS Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. network cisco | 7.1 |
2007-10-23 | CVE-2007-5651 | Products Extensible Authentication Protocol Denial of Service vulnerability in Cisco Catos and IOS Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. network cisco | 7.1 |
2007-10-12 | CVE-2007-5381 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515. | 9.3 |
2007-08-20 | CVE-2007-4430 | Improper Input Validation vulnerability in Cisco products Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. | 5.0 |
2007-08-09 | CVE-2007-4295 | Voice vulnerability in Cisco IOS and Unified Communications Manager Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. network cisco | 6.8 |
2007-08-09 | CVE-2007-4294 | Voice vulnerability in Cisco Unified Communications Manager 5.0/5.1/6.0 Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. network cisco | 6.8 |
2007-08-09 | CVE-2007-4293 | Voice vulnerability in Cisco IOS and Unified Communications Manager Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. network cisco | 7.1 |
2007-08-09 | CVE-2007-4292 | Voice vulnerability in Cisco IOS and Unified Communications Manager Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249. | 9.3 |