Vulnerabilities > Cisco > IOS > 12.2.29.svd

DATE CVE VULNERABILITY TITLE RISK
2013-11-22 CVE-2013-6693 Buffer Errors vulnerability in Cisco IOS
The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by establishing many multicast flows, aka Bug ID CSCue22345.
network
high complexity
cisco CWE-119
5.4
2013-11-18 CVE-2013-6686 Improper Input Validation vulnerability in Cisco IOS
The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568.
network
low complexity
cisco CWE-20
6.8
2013-11-13 CVE-2013-5552 Permissions, Privileges, and Access Controls vulnerability in Cisco IOS
Cisco IOS 12.4(24)MDB9 and earlier on Content Services Gateway (CSG) devices does not properly implement the "parse error drop" feature, which allows remote attackers to bypass intended access restrictions via a crafted series of packets, aka Bug ID CSCug90143.
network
low complexity
cisco CWE-264
6.4
2013-03-28 CVE-2013-1142 Race Condition vulnerability in Cisco IOS
Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745.
network
low complexity
cisco CWE-362
7.8
2011-10-22 CVE-2011-2059 Information Exposure vulnerability in Cisco IOS
The ipv6 component in Cisco IOS before 15.1(4)M1.3 allows remote attackers to conduct fingerprinting attacks and obtain potentially sensitive information about the presence of the IOS operating system via an ICMPv6 Echo Request packet containing a Hop-by-Hop (HBH) extension header (EH) with a 0x0c01050c value in the PadN option data, aka Bug ID CSCtq02219.
network
low complexity
cisco CWE-200
5.0
2011-10-22 CVE-2011-2058 Improper Input Validation vulnerability in Cisco IOS
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336.
network
low complexity
cisco CWE-20
7.8
2011-10-22 CVE-2011-2057 Improper Input Validation vulnerability in Cisco IOS
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.
network
low complexity
cisco CWE-20
5.0
2011-10-22 CVE-2011-1640 Resource Exhaustion vulnerability in Cisco IOS
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.
network
low complexity
cisco CWE-400
7.8
2011-10-03 CVE-2011-3279 Unspecified vulnerability in Cisco IOS and IOS XE
The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219.
network
low complexity
cisco
7.8
2011-10-03 CVE-2011-0946 Unspecified vulnerability in Cisco IOS and IOS XE
The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712.
network
low complexity
cisco
7.8