VARIoT IoT vulnerabilities database

Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164. Vendors have confirmed this vulnerability Bug ID CSCub34945 It is released as. This vulnerability CVE-2013-1164 Is a different vulnerability.Fragmented by a third party IPv6 of MVPN Service disruption via packets ( Reload card ) There is the ability to be put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS XE is prone to a remote denial-of-service vulnerability. Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. The vulnerability stems from the fact that the program does not correctly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) function

The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing crafted environment variables. Plesk Panel 11.0.9 and possibly earlier versions contains multiple privilege escalation vulnerabilities. Parallels Plesk Panel is a web hosting control panel with integrated web design, SaaS marketplace and payment system. The Plesk / usr / sbin / suexec program (the program may be unknown elsewhere, but the file name is always suexec) allows CGI wrappers (cgi-wrapper) to be called to bypass restrictions on file ownership. Parallels Plesk Panel is prone to a local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execute arbitrary commands via unknown vectors. An attacker can exploit this issue to execute arbitrary shell commands (Unix or Windows command or scripts) within the context of the application. The software supports secure integration of complex B2B processes with diverse partner communities. The vulnerability stems from an unspecified bug in the CLA2 server

Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. Vendors have confirmed this vulnerability Bug ID CSCub85692 , CSCud20267 It is released as.Skillfully crafted by a third party IKEv1 Service disruption via message ( Device reload ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCub85692 and CSCud20267

The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590. An attacker can exploit this issue to reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCud16590. This vulnerability exists in the following versions: 7.x prior to 7.2(5.10), 8.0 prior to 8.0(5.31), 8.1 and 8.2 prior to 8.2(5.38), 8.3 prior to 8.3(2.37), 8.4(5 ) before 8.4, 8.5(1.17) before 8.5, 8.6(1.10) before 8.6, 8.7(1.3) before 8.7, and 9.1(1.2) before 9.1

Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408. Vendors have confirmed this vulnerability Bug ID CSCuc72408 It is released as.Service disruption through a crafted certificate by a third party ( Device reload ) There is a possibility of being put into a state. An attacker can exploit this issue to reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuc72408. This vulnerability exists in the following versions: 7.x prior to 7.2(5.10), 8.0 prior to 8.0(5.31), 8.1 and 8.2 prior to 8.2(5.38), 8.3 prior to 8.3(2.37), 8.4(5 ) before 8.4, 8.5 (1.17) before 8.5, 8.6 (1.10) before 8.6, and 8.7 (1.3) before 8.7

Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080. An attacker can exploit this issue to reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuc80080

The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624. An attacker can exploit this issue to cause a vulnerable device to reload, triggering a denial-of-service condition. This issue is tracked by Cisco Bug ID CSCtg02624

Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. A security vulnerability exists in Cisco IOS XE software that allows unauthenticated remote attackers to conduct denial of service attacks. This vulnerability is triggered by traffic that passes through or is targeted to the affected device. Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCtz97563 and CSCub34945

The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and consequently gain privileges or trigger incorrect protective-relay operation, via a Trojan horse executable file. MiCOM S1 Studio Software is a parameter that allows the user to modify or manage the generator protection unit. MiCOM S1 Studio Software does not restrict user access to installed executables. Malicious users who can access the local system can replace malicious files in the MiCOM S1 Studio Program Files directory. When the MiCOM S1 Studio application is executed, malicious programs are randomly replaced. run. MiCOM S1 Studio is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. It provides users with easy-to-operate and powerful management and debugging functions. The interface is more intuitive, the function is more powerful, and it is more convenient to use

Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293. Vendors have confirmed this vulnerability Bug ID CSCtz23293 It is released as.Skillfully crafted by a third party L2TP Service disruption via packets ( Reload card ) There is a possibility of being put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The Cisco 1000 ASR does not correctly handle special L2TP packets, allowing an attacker to send a large number of L2TP packets to overload the system and cause a denial of service attack. The communication with the target affected device cannot trigger this vulnerability. Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service. This issue is being tracked by Cisco Bug ID CSCtz23293

Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. This vulnerability could not be triggered by SIP traffic targeted to the affected device. Cisco IOS XE is prone to a remote denial-of-service vulnerability. Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service. This issue is being tracked by Cisco Bug ID CSCuc65609

Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. The communication with the target affected device cannot trigger this vulnerability. Successful exploits may allow an attackers to cause a reload of the affected devices, denying service to legitimate users. Repeated attacks will result in a sustained denial of service. This issue is being tracked by Cisco Bug ID CSCtt11558

The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a session cookie, aka Bug ID CSCuc64885. Vendors have confirmed this vulnerability Bug ID CSCuc64885 It is released as.The third party Cookie Using the information can hijack a session. Cisco Unified MeetingPlace is prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access to the affected application and perform arbitrary actions. This issue is being tracked by Cisco Bug ID CSCuc64885. This solution provides a user environment that integrates voice, video and Web conferencing

Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate users via a crafted login request, aka Bug ID CSCuc64846. Vendors have confirmed this vulnerability Bug ID CSCuc64846 It is released as.Skillfully crafted by a third party login It is possible to impersonate a user via a request. Cisco Unified MeetingPlace is prone to an arbitrary login security vulnerability. A remote attacker can exploit this issue to impersonate a legitimate user and send arbitrary commands to the affected system. This issue is being tracked by Cisco Bug ID CSCuc64846. Cisco Unified MeetingPlace is a set of multimedia conferencing solutions of Cisco (Cisco). This solution provides a user environment that integrates voice, video and Web conferencing. The vulnerability comes from the fact that the program does not verify the COOKIE correctly when the Remember Me option is enabled

The Cisco Prime Network Control System (NCS) appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service (service disruption) via unspecified vectors, aka Bug ID CSCtz30468. ( Service interruption ) There are vulnerabilities that are put into a state. Vendors have confirmed this vulnerability Bug ID CSCtz30468 It is released as.The setting is changed by a third party or service operation is interrupted ( Service interruption ) There is a possibility of being put into a state. Cisco Prime Network Control Systems is prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCtz30468. The platform can be used to monitor and troubleshoot wired and wireless LANs. A remote attacker could exploit this vulnerability through an unknown vector to modify the configuration or cause a denial of service (blocked service)

The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153. Vendors have confirmed this vulnerability Bug ID CSCud14153 It is released as.Authority may be obtained by local users. Local attackers can exploit these issues to gain elevated SYSTEM privileges. Successful exploits will result in the complete compromise of affected computers. This issue is being tracked by Cisco Bug ID CSCud14153

Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143. Vendors have confirmed this vulnerability Bug ID CSCud14143 It is released as.Authority may be obtained by local users. Local attackers can exploit this issue to gain elevated SYSTEM privileges. Successful exploits will result in the complete compromise of affected computers. This issue is being tracked by Cisco Bug ID CSCud14143

Cisco Universal Broadband (aka uBR) 10000 series routers, when an IPv4/IPv6 dual-stack modem is used, allow remote attackers to cause a denial of service (routing-engine reload) via unspecified changes to IP address assignments, aka Bug ID CSCue15313. The Cisco uBR 10000 Series is a router device from Cisco. A security vulnerability exists in the Cisco uBR 10000 that allows unauthenticated remote attackers to conduct denial of service attacks. By operating the IPv4 and IPv6 address assignments of a dual-stack modem connected to the affected device, an attacker in a neighboring network can reload the router engine in the device. Successful exploits will cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCue15313. Successful exploitation of the vulnerability requires the program to use IPv4/IPv6 dual-track routers

Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable. Plesk Panel 11.0.9 and possibly earlier versions contains multiple privilege escalation vulnerabilities. Parallels Plesk Panel is a web hosting control panel with integrated web design, SaaS marketplace and payment system. The program / usr / local / psa / admin / sbin / wrapper allows the user psaadm to execute various management scripts with root permissions. These scripts do not specify the full path when calling external programs. By specifying a malicious PATH environment variable, an attacker can make these management The script executes malicious programs controlled by the attacker, leading to elevated privileges. Parallels Plesk Panel is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with root privileges. Parallels Plesk Panel 11.0.9 is vulnerable; other versions may also be vulnerable