Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2011-10-22 CVE-2011-2058 Improper Input Validation vulnerability in Cisco IOS
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle an external loop between a pair of dot1x enabled ports, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many unicast EAPoL Protocol Data Units (PDUs), aka Bug ID CSCtq36336.
network
low complexity
cisco CWE-20
7.5
2011-10-22 CVE-2011-2057 Improper Input Validation vulnerability in Cisco IOS
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.
network
low complexity
cisco CWE-20
7.5
2011-10-22 CVE-2011-1640 Resource Exhaustion vulnerability in Cisco IOS
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.
network
low complexity
cisco CWE-400
7.5
2011-10-12 CVE-2011-2005 Unspecified vulnerability in Microsoft Windows Server 2003 and Windows XP
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka "Ancillary Function Driver Elevation of Privilege Vulnerability."
local
low complexity
microsoft
7.8
2011-10-10 CVE-2011-2189 Resource Exhaustion vulnerability in multiple products
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd.
network
low complexity
linux redhat canonical debian CWE-400
7.5
2011-10-06 CVE-2011-3288 XML Entity Expansion vulnerability in Cisco Unified Presence
Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564.
network
low complexity
cisco CWE-776
7.5
2011-10-03 CVE-2011-3280 Resource Management Errors vulnerability in Cisco IOS and IOS XE
Memory leak in the NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (memory consumption or device reload) by sending crafted SIP packets to UDP port 5060, aka Bug ID CSCtj04672.
network
low complexity
cisco CWE-399
7.5
2011-09-06 CVE-2011-1771 NULL Pointer Dereference vulnerability in Linux Kernel
The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem.
local
low complexity
linux CWE-476
7.8
2011-07-21 CVE-2011-2520 Deserialization of Untrusted Data vulnerability in multiple products
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
local
low complexity
redhat fedoraproject CWE-502
7.8
2011-07-18 CVE-2010-4656 Out-of-bounds Write vulnerability in multiple products
The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.
local
low complexity
linux canonical CWE-787
7.8