SB2011100404 - Multiple vulnerabilities in Nextcloud ios
Published: October 4, 2011 Updated: December 20, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Memory leak (CVE-ID: CVE-2011-3273)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within Cisco IOS 15.0 through 15.1, when IPS or Zone-Based Firewall (aka ZBFW) is configured, allows remote attackers to cause a denial of service (memory consumption or device crash) via vectors that trigger many session creation flows, aka Bug ID CSCti79848. A remote attacker can perform a denial of service attack.
2) Input validation error (CVE-ID: CVE-2011-3281)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
Unspecified vulnerability in Cisco IOS 15.0 through 15.1, in certain HTTP Layer 7 Application Control and Inspection configurations, allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTP packet, aka Bug ID CSCto68554.
Remediation
Install update from vendor's website.