Computer Security
[EN] securityvulns.ru no-pyccku


Cisco IOS multiple security vulnerabilities
Published:27.03.2014
Source:
SecurityVulns ID:13631
Type:remote
Threat Level:
7/10
Description:Multiple DoS conditions.
Affected:CISCO : Cisco IOS 12.2
 CISCO : Cisco IOS 12.3
 CISCO : Cisco IOS 12.4
 CISCO : Cisco IOS 15.0
 CISCO : Cisco IOS 15.1
 CISCO : Cisco IOS 15.2
 CISCO : Cisco IOS 15.3
 CISCO : Cisco IOS 15.4
 CISCO : Cisco IOS XE 3.2
 CISCO : Cisco IOS XE 3.3
 CISCO : Cisco IOS XE 3.4
 CISCO : Cisco IOS XE 3.5
 CISCO : Cisco IOS XE 3.6
 CISCO : Cisco IOS XE 3.7
 CISCO : Cisco IOS XE 3.8
 CISCO : Cisco IOS XE 3.9
 CISCO : Cisco IOS XE 3.10
CVE:CVE-2014-2113 (Cisco IOS 15.1 through 15.3 and IOS XE 3.3 and 3.5 before 3.5.2E; 3.7 before 3.7.5S; and 3.8, 3.9, and 3.10 before 3.10.2S allow remote attackers to cause a denial of service (I/O memory consumption and device reload) via a malformed IPv6 packet, aka Bug ID CSCui59540.)
 CVE-2014-2112 (The SSL VPN (aka WebVPN) feature in Cisco IOS 15.1 through 15.4 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP requests, aka Bug ID CSCuf51357.)
 CVE-2014-2111 (The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted DNS packets, aka Bug ID CSCue00996.)
 CVE-2014-2109 (The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494.)
 CVE-2014-2108 (Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.)
 CVE-2014-2107 (Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C-10GE and RSP720-3CXL-10GE devices, allows remote attackers to cause a denial of service (route switch processor outage) via crafted IP packets, aka Bug ID CSCug84789.)
 CVE-2014-2106 (Cisco IOS 15.3M before 15.3(3)M2 and IOS XE 3.10.xS before 3.10.2S allow remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCug45898.)
Files:Cisco IOS Software Network Address Translation Vulnerabilities
 Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability
 Cisco IOS Software SSL VPN Denial of Service Vulnerability
 Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability
 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
 Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod