DoS | Marcin Lis

We have three new vulnerabilities in Cisco.

One could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
One that could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.
And another one which could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability.

Cisco IOS XR Software SSH Privilege Escalation Vulnerability (Security Impact Rating: High)
Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability (Security Impact Rating: Medium)
Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability (Security Impact Rating: Medium)
Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability (Security Impact Rating: High)
Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities (Security Impact Rating: Medium)
Cisco IOS XR Software Authenticated CLI Secure Copy Protocol and SFTP Denial of Service Vulnerability (Security Impact Rating: Medium)
Cisco IOS XR Software for ASR 9000 Series Aggregation Services Routers PPPoE Denial of Service Vulnerability (Security Impact Rating: High)

Tag: DoS