{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Cisco IOS XE 2.x ;","product":{"name":"IOS XE","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS XR 3.x.","product":{"name":"IOS XR","vendor":{"name":"Cisco","scada":false}}},{"description":"Cisco IOS 12.x et 15.x ;","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les syst\u00e8mes Cisco\nIOS :\n\n-   une erreur dans la gestion des flux r\u00e9seaux servant \u00e0 l'\u00e9change des\n    cl\u00e9s cryptographiques peut \u00eatre exploit\u00e9e afin de provoquer un\n    red\u00e9marrage de Cisco IOS ;\n-   un message SCCP (protocole propri\u00e9taire Skinny Call Control\n    Protocol) sp\u00e9cialement con\u00e7u peut faire red\u00e9marrer Cisco IOS ;\n-   un paquet r\u00e9seau LDP UDP (technologie li\u00e9e aux r\u00e9seaux MPLS)\n    sp\u00e9cialement con\u00e7u peut faire red\u00e9marrer Cisco IOS ;\n-   deux vuln\u00e9rabilit\u00e9s existent dans le code H.323 de Cisco IOS, une\n    exploitation r\u00e9ussie de ces vuln\u00e9rabilit\u00e9s provoque un d\u00e9ni de\n    service \u00e0 distance ou une ex\u00e9cution de code arbitraire \u00e0 distance ;\n-   plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le code SIP de\n    Cisco IOS, une exploitation r\u00e9ussie de ces vuln\u00e9rabilit\u00e9s provoquent\n    un d\u00e9ni de service \u00e0 distance ou une ex\u00e9cution de code arbitraire \u00e0\n    distance ;\n-   un segment TCP sp\u00e9cialement con\u00e7u peut bloquer ou faire red\u00e9marrer\n    Cisco IOS.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2010-0584","url":"https://www.cve.org/CVERecord?id=CVE-2010-0584"},{"name":"CVE-2010-0583","url":"https://www.cve.org/CVERecord?id=CVE-2010-0583"},{"name":"CVE-2010-0577","url":"https://www.cve.org/CVERecord?id=CVE-2010-0577"},{"name":"CVE-2010-0580","url":"https://www.cve.org/CVERecord?id=CVE-2010-0580"},{"name":"CVE-2010-0581","url":"https://www.cve.org/CVERecord?id=CVE-2010-0581"},{"name":"CVE-2010-0582","url":"https://www.cve.org/CVERecord?id=CVE-2010-0582"},{"name":"CVE-2010-0578","url":"https://www.cve.org/CVERecord?id=CVE-2010-0578"},{"name":"CVE-2010-0579","url":"https://www.cve.org/CVERecord?id=CVE-2010-0579"},{"name":"CVE-2010-0576","url":"https://www.cve.org/CVERecord?id=CVE-2010-0576"}],"links":[],"reference":"CERTA-2010-AVI-136","revisions":[{"description":"version initiale.","revision_date":"2010-03-26T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans les syst\u00e8mes Cisco IOS permettent de\nprovoquer un d\u00e9ni de service \u00e0 distance ou d'ex\u00e9cuter du code arbitraire\n\u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Cisco IOS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20100324-sip du 24 mars 2010","url":"http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20100324-ipsec du 24 mars 2010","url":"http://www.cisco.com/warp/public/707/cisco-sa-20100324-ipsec.shtml"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20100324-sccp du 24 mars 2010","url":"http://www.cisco.com/warp/public/707/cisco-sa-20100324-sccp.shtml"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20100324-h323 du 24 mars 2010","url":"http://www.cisco.com/warp/public/707/cisco-sa-20100324-h323.shtml"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20100324-tcp du 24 mars 2010","url":"http://www.cisco.com/warp/public/707/cisco-sa-20100324-tcp.shtml"},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Cisco 20100324-ldp du 24 mars 2010","url":"http://www.cisco.com/warp/public/707/cisco-sa-20100324-ldp.shtml"}]}