exploits , vulnerabilities , articles , Cisco IOS Virtual Private Dial-up Network Multiple Denial of Service Vulnerabilities

Title	Cisco IOS Virtual Private Dial-up Network Multiple Denial of Service Vulnerabilities
Published	2008-03-26-12:00AM
Updated	2008-03-26-08:49PM
Class	Design Error
CVE	CVE-2008-1151 E-2008-1150
Remote	Yes
Local	No
Credit	Martin Kluge of Elxsi Security
Vulnerable	Cisco IOS 12.2 YZ Cisco IOS 12.2 YX Cisco IOS 12.2 YO Cisco IOS 12.2 YE Cisco IOS 12.2 YC Cisco IOS 12.2 XV Cisco IOS 12.2 XU Cisco IOS 12.2 XT Cisco IOS 12.2 XS Cisco IOS 12.2 XQ Cisco IOS 12.2 XK Cisco IOS 12.2 XJ Cisco IOS 12.2 XI Cisco IOS 12.2 XH Cisco IOS 12.2 XG Cisco IOS 12.2 XF Cisco IOS 12.2 XE Cisco IOS 12.2 XD Cisco IOS 12.2 XC Cisco IOS 12.2 XB Cisco IOS 12.2 XA Cisco IOS 12.2 T Cisco IOS 12.2 SY Cisco IOS 12.2 SX Cisco IOS 12.2 SU Cisco IOS 12.2 S Cisco IOS 12.2 DX Cisco IOS 12.2 DA Cisco IOS 12.2 BY Cisco IOS 12.2 B Cisco IOS 12.1 YI Cisco IOS 12.1 YF Cisco IOS 12.1 YE Cisco IOS 12.1 YD Cisco IOS 12.1 YC Cisco IOS 12.1 YB Cisco IOS 12.1 YA Cisco IOS 12.1 XY Cisco IOS 12.1 XV Cisco IOS 12.1 XT Cisco IOS 12.1 XS Cisco IOS 12.1 XR Cisco IOS 12.1 XQ Cisco IOS 12.1 XP Cisco IOS 12.1 XM Cisco IOS 12.1 XL Cisco IOS 12.1 XJ Cisco IOS 12.1 T Cisco IOS 12.1 EZ Cisco IOS 12.1 EX Cisco IOS 12.1 EC Cisco IOS 12.1 EA Cisco IOS 12.1 E Cisco IOS 12.1 DC Cisco IOS 12.1 AY Cisco IOS 12.2
Not Vulnerable	Cisco IOS 12.4(18a) Cisco IOS 12.4(18a) Cisco IOS 12.3T Cisco IOS 12.3(26) Cisco IOS 12.3(23)BC1 Cisco IOS 12.2BC Cisco IOS 12.2(8)T Cisco IOS 12.2(8)BY Cisco IOS 12.2(8)BW1a Cisco IOS 12.2(4)BW1 Cisco IOS 12.2(4)B5 Cisco IOS 12.2(33)SRC Cisco IOS 12.2(25)S15 Cisco IOS 12.2(2)XB5 Cisco IOS 12.2(2)XB5 Cisco IOS 12.2(18)SXF13 Cisco IOS 12.2(18)2 Cisco IOS 12.2(15)T4e Cisco IOS 12.1(22)EA11 Cisco IOS 12.1(22)EA11 Cisco IOS 12.1(22)AY1 Cisco IOS 12.1(11)EA1
Code	A specific exploit is not required. The attacker would only need to establish a PPTP session with an affected device.
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-02 xrdp Multiple Buffer Overflow Vulnerabilities
• 2008-12-02 FFmpeg Multiple Denial of Service Vulnerabilities
• 2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
• 2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
• 2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
• 2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
• 2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
• 2008-11-28 ReVou Login SQL Injection Vulnerability
• 2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-11-28 SailPlanner Login SQL Injection Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 02 Dec 2008 20:03:49 +0000