Vulnerabilities > Cisco > IOS > 15.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-27 | CVE-2013-5481 | Improper Input Validation vulnerability in Cisco IOS The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID CSCtq14817. | 7.1 |
| 2013-09-27 | CVE-2013-5480 | Improper Input Validation vulnerability in Cisco IOS The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733. | 7.8 |
| 2013-09-27 | CVE-2013-5479 | Improper Input Validation vulnerability in Cisco IOS The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730. | 7.8 |
| 2013-09-27 | CVE-2013-5478 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023. | 7.8 |
| 2013-09-27 | CVE-2013-5477 | Improper Input Validation vulnerability in Cisco IOS The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465. | 7.8 |
| 2013-09-27 | CVE-2013-5475 | Improper Input Validation vulnerability in Cisco IOS and IOS XE Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID CSCug31561. | 7.8 |
| 2013-09-27 | CVE-2013-5474 | Race Condition vulnerability in Cisco IOS Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device reload or hang) via fragmented IPv6 packets, aka Bug ID CSCud64812. | 7.8 |
| 2013-03-28 | CVE-2013-1147 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999. | 7.8 |
| 2013-03-28 | CVE-2013-1146 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. | 7.8 |
| 2013-03-28 | CVE-2013-1143 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS and IOS XE The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. | 7.1 |