Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco IOS
Опубликовано:1 октября 2012 г.
Источник:
SecurityVulns ID:12602
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные DoS-условия в реализации различных протоколов.
Затронутые продукты:CISCO : IOS 12.2
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 CISCO : IOS XE 2.1
 CISCO : IOS XE 2.2
 CISCO : IOS XE 2.3
 CISCO : IOS XE 2.4
 CISCO : IOS 15.0
 CISCO : IOS 15.1
 CISCO : IOS XE 2.5
 CISCO : IOS XE 2.6
 CISCO : IOS XE 3.1
 CISCO : IOS 15.2
 CISCO : IOS XE 3.3
 CISCO : IOS XE 3.2
 CISCO : IOS XE 3.4
 CISCO : IOS XE 3.5
CVE:CVE-2012-4623 (The DHCPv6 server in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x, 3.1.xS before 3.1.4S, 3.1.xSG and 3.2.xSG before 3.2.5SG, 3.2.xS, 3.2.xXO, 3.3.xS, and 3.3.xSG before 3.3.1SG allows remote attackers to cause a denial of service (device reload) via a malformed DHCPv6 packet, aka Bug ID CSCto57723.)
 CVE-2012-4621 (The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049.)
 CVE-2012-4620 (Cisco IOS 12.2 and 15.0 through 15.2 on Cisco 10000 series routers, when a tunnel interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via tunneled (1) GRE/IP, (2) IPIP, or (3) IPv6 in IPv4 packets, aka Bug ID CSCts66808.)
 CVE-2012-4618 (The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183.)
 CVE-2012-4617 (The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a peer relationship and sending a malformed attribute, aka Bug IDs CSCtt35379, CSCty58300, CSCtz63248, and CSCtz62914.)
 CVE-2012-3950 (The Intrusion Prevention System (IPS) feature in Cisco IOS 12.3 through 12.4 and 15.0 through 15.2, in certain configurations of enabled categories and missing signatures, allows remote attackers to cause a denial of service (device reload) via DNS packets, aka Bug ID CSCtw55976.)
 CVE-2012-3949 (The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664.)
Файлы:Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability
 Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability
 Cisco IOS Software Network Address Translation Vulnerabilities
 Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability
 Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability
 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
 Cisco IOS Software DHCP Denial of Service Vulnerability

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород