The Locator/ID Separation Protocol (LISP) implementation in Cisco IOS 15.1 and 15.2 and NX-OS 4.1 through 6.2 allows remote attackers to cause a denial of service (device reload) via a crafted header in a packet, aka Bug ID CSCuu64279.

goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of Service" issue, aka Bug ID CSCuy28100.

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow condition on the affected device, which will cause the device to reload and result in a DoS condition. Cisco Bug IDs: CSCvg62730.

A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to or through the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition on an affected device.

A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of user input. An attacker could exploit this vulnerability by first connecting to the SM-1T3/E3 module console and entering a string sequence. A successful exploit could allow the attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resulting in a DoS condition on an affected device.

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a crafted HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786. Only Smart Install client switches are affected. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability. Cisco Bug IDs: CSCvd40673.

A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly. The Cisco implementation of the BGP protocol only accepts incoming BGP traffic from explicitly defined peers. To exploit this vulnerability, an attacker must be able to send the malicious packets over a TCP connection that appears to come from a trusted BGP peer or inject malformed messages into the victim's BGP network. This would require obtaining information about the BGP peers in the affected system's trusted network. The vulnerability may be triggered when the router receives a malformed BGP message from a peer on an existing BGP session. At least one BGP neighbor session must be established for a router to be vulnerable. This vulnerability affects Nexus 2000 Series Switches, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCve79599, CSCve87784, CSCve91371, CSCve91387.

A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.

A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.

A vulnerability in the Cisco TrustSec (CTS) Protected Access Credential (PAC) provisioning module of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of attributes in RADIUS messages. An attacker could exploit this vulnerability by sending a malicious RADIUS message to an affected device while the device is in a specific state.

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending malicious traffic to the internal distributed instance (DI) network address on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 through N5.5 with the Cisco StarOS operating system 19.2 through 21.3. Cisco Bug IDs: CSCve17656.

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuj73916.

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg62754.

Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets.

goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.

Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933.

Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.

Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNMP packets, which allows remote attackers to cause a denial of service (SNMP application restart) via a crafted packet, aka Bug ID CSCut84645.

Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.

Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800.

Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is used, and Videoscape Distribution Suite for Internet Streaming (aka VDS-IS or CDS-IS) before 3.3.1 R7 and 4.x before 4.0.0 R4 allow remote attackers to cause a denial of service (device reload) via a crafted HTTP request, aka Bug IDs CSCus79834 and CSCuu63409.

The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 3.9.xS and 3.10.xS before 3.10.4S, 3.11.xS before 3.11.3S, 3.12.xS before 3.12.2S, and 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) by sending malformed mDNS UDP packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCup70579.

The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954.

The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S, when MMON or NBAR is enabled, allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets with IPv4 UDP encapsulation, aka Bug ID CSCua79665.

Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12.xS before 3.12.3S, 3.2.xE through 3.7.xE before 3.7.1E, 3.3.xSG, 3.4.xSG, and 3.13.xS before 3.13.2S allow remote attackers to cause a denial of service (device reload) by sending malformed IKEv2 packets over (1) IPv4 or (2) IPv6, aka Bug ID CSCum36951.

The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192.

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315.

Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873.

The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.2S, 3.13 before 3.13.1S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuq59131.

AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via a crafted TCP packet, aka Bug ID CSCuo53622.

The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293.

The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before 8.6(1.17), 9.0 before 9.0(4.33), 9.1 before 9.1(6), 9.2 before 9.2(3.4), and 9.3 before 9.3(3), when Clientless SSL VPN, AnyConnect SSL VPN, or AnyConnect IKEv2 VPN is used, allows remote attackers to cause a denial of service (VPN outage or device reload) via a crafted XML document, aka Bug ID CSCus95290.

The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via large IP packets that require NAT and HSL processing after fragmentation, aka Bug ID CSCuo25741.

Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S allows remote attackers to cause a denial of service (device reload) via crafted IPv6 packets, aka Bug ID CSCub68073.

Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) UDP packets, aka Bug ID CSCum98371.

Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514.

Cisco IOS 12.0, 12.2, 12.4, 15.0, 15.1, 15.2, and 15.3 and IOS XE 2.x and 3.x before 3.7.4S; 3.2.xSE and 3.3.xSE before 3.3.2SE; 3.3.xSG and 3.4.xSG before 3.4.4SG; and 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S allow remote attackers to cause a denial of service (device reload) via malformed RSVP packets, aka Bug ID CSCui11547.

The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101.

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtq72699.

Cisco IOS 12.2 and 15.0 through 15.3 and IOS XE 3.2 through 3.7 before 3.7.5S and 3.8 through 3.10 before 3.10.1S allow remote attackers to cause a denial of service (device reload) via a malformed IKEv2 packet, aka Bug ID CSCui88426.

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua86589.

Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720.