Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco IOS
Опубликовано:27 марта 2014 г.
Источник:
SecurityVulns ID:13631
Тип:удаленная
Уровень опасности:
7/10
Описание:Многочисленные DoS-условия.
Затронутые продукты:CISCO : Cisco IOS 12.2
 CISCO : Cisco IOS 12.3
 CISCO : Cisco IOS 12.4
 CISCO : Cisco IOS 15.0
 CISCO : Cisco IOS 15.1
 CISCO : Cisco IOS 15.2
 CISCO : Cisco IOS 15.3
 CISCO : Cisco IOS 15.4
 CISCO : Cisco IOS XE 3.2
 CISCO : Cisco IOS XE 3.3
 CISCO : Cisco IOS XE 3.4
 CISCO : Cisco IOS XE 3.5
 CISCO : Cisco IOS XE 3.6
 CISCO : Cisco IOS XE 3.7
 CISCO : Cisco IOS XE 3.8
 CISCO : Cisco IOS XE 3.9
 CISCO : Cisco IOS XE 3.10
CVE:CVE-2014-2113 (Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.)
 CVE-2014-2112 (The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357.)
 CVE-2014-2111 (The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.)
 CVE-2014-2109 (The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.)
 CVE-2014-2108 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.)
 CVE-2014-2107 (Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.)
 CVE-2014-2106 (Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898.)
Файлы:Cisco IOS Software Network Address Translation Vulnerabilities
 Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability
 Cisco IOS Software SSL VPN Denial of Service Vulnerability
 Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability
 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
 Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород