Max CVSS 10.0 Min CVSS 2.1 Total Count160
IDCVSSSummaryLast (major) updatePublished
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
19-02-2017 - 00:21 08-07-2008 - 19:41
CVE-2001-0414 10.0
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
07-12-2016 - 21:59 18-06-2001 - 00:00
CVE-2004-1060 5.0
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment w
17-10-2016 - 22:51 12-04-2004 - 00:00
CVE-2004-0791 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench a
17-10-2016 - 22:49 12-04-2005 - 00:00
CVE-2004-0790 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have
17-10-2016 - 22:49 12-04-2005 - 00:00
CVE-2008-4609 7.1
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vect
10-10-2013 - 22:56 20-10-2008 - 13:59
CVE-2010-2494 5.0
Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with
13-02-2013 - 23:31 08-07-2010 - 14:30
CVE-2006-3894 5.0
The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco products, and other products, allows remote attackers to cause a denial of service via malformed ASN.1 objects.
05-11-2012 - 22:16 22-05-2007 - 15:30
CVE-2008-3812 7.1
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3811 7.8
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnera
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3810 7.8
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than C
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3809 7.1
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3808 7.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3807 9.3
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this commun
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3805 8.5
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of s
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3804 7.1
Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3803 5.1
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from oth
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3802 7.1
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Ci
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3801 7.1
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3800 7.1
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3799 7.8
Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2008-3798 7.8
Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
29-10-2012 - 23:15 26-09-2008 - 12:21
CVE-2007-2586 9.3
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that i
29-10-2012 - 22:48 09-05-2007 - 20:19
CVE-2009-2862 4.3
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu7021
20-12-2011 - 00:00 28-09-2009 - 15:30
CVE-2009-0634 7.1
Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge
18-07-2011 - 22:25 27-03-2009 - 12:30
CVE-2009-0633 7.1
Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packet
18-07-2011 - 22:25 27-03-2009 - 12:30
CVE-2009-0628 9.0
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block
18-07-2011 - 22:25 27-03-2009 - 12:30
CVE-2007-0918 7.1
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations tha
15-07-2011 - 00:00 13-02-2007 - 21:28
CVE-2010-2939 4.3
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (cras
03-05-2011 - 22:49 17-08-2010 - 16:00
CVE-2008-3813 7.8
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
07-03-2011 - 22:11 26-09-2008 - 12:21
CVE-2008-2739 7.8
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different
07-03-2011 - 22:09 26-09-2008 - 12:21
CVE-2008-1159 7.1
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.
07-03-2011 - 22:06 22-05-2008 - 09:09
CVE-2008-1156 5.1
Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree
07-03-2011 - 22:06 27-03-2008 - 06:44
CVE-2008-1153 7.1
Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.
07-03-2011 - 22:06 27-03-2008 - 06:44
CVE-2008-1152 7.8
The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.
07-03-2011 - 22:06 27-03-2008 - 13:44
CVE-2008-1151 7.1
Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated afte
07-03-2011 - 22:06 27-03-2008 - 13:44
CVE-2008-1150 7.1
The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) dat
07-03-2011 - 22:06 27-03-2008 - 13:44
CVE-2008-0537 7.1
Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote
07-03-2011 - 22:04 27-03-2008 - 06:44
CVE-2007-4295 6.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
07-03-2011 - 21:58 09-08-2007 - 17:17
CVE-2007-4294 6.8
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
07-03-2011 - 21:58 09-08-2007 - 17:17
CVE-2007-4293 7.1
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.
07-03-2011 - 21:58 09-08-2007 - 17:17
CVE-2007-4292 9.3
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, an
07-03-2011 - 21:58 09-08-2007 - 17:17
CVE-2007-4291 7.1
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with
07-03-2011 - 21:58 09-08-2007 - 17:17
CVE-2007-4286 9.3
Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.
07-03-2011 - 21:58 09-08-2007 - 17:17
CVE-2007-4263 8.5
Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.
07-03-2011 - 21:58 08-08-2007 - 19:17
CVE-2007-2813 7.8
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
07-03-2011 - 21:55 22-05-2007 - 15:30
CVE-2007-2587 6.3
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).
07-03-2011 - 21:54 09-05-2007 - 20:19
CVE-2007-1258 6.1
Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial
07-03-2011 - 21:51 03-03-2007 - 15:19
CVE-2007-1257 10.0
The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address.
07-03-2011 - 21:51 03-03-2007 - 15:19
CVE-2007-0917 6.4
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.
07-03-2011 - 21:50 13-02-2007 - 21:28
CVE-2007-0648 7.8
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
07-03-2011 - 21:50 31-01-2007 - 20:28
CVE-2007-0481 7.8
Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header.
07-03-2011 - 21:49 24-01-2007 - 19:28
CVE-2007-0480 10.0
Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.
07-03-2011 - 21:49 24-01-2007 - 19:28
CVE-2007-0479 7.8
Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x allows remote attackers to cause a denial of service by sending crafted TCP traffic to an IPv4 address on the IOS device.
07-03-2011 - 21:49 24-01-2007 - 19:28
CVE-2007-0199 5.0
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
07-03-2011 - 21:48 11-01-2007 - 06:28
CVE-2006-3291 9.3
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all securi
07-03-2011 - 21:38 28-06-2006 - 19:05
CVE-2006-0340 7.1
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang an
07-03-2011 - 21:29 20-01-2006 - 19:03
CVE-2005-3921 2.6
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memor
07-03-2011 - 21:27 30-11-2005 - 06:03
CVE-2005-3481 9.3
Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasi
07-03-2011 - 21:26 02-11-2005 - 21:02
CVE-2005-2841 7.5
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted u
07-03-2011 - 21:25 08-09-2005 - 06:03
CVE-2008-0960 10.0
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
07-03-2011 - 00:00 10-06-2008 - 14:32
CVE-2007-4285 9.0
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or
07-03-2011 - 00:00 09-08-2007 - 17:17
CVE-2010-2994 10.0
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.
17-02-2011 - 01:57 13-08-2010 - 14:43
CVE-2010-2995 10.0
The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.
17-02-2011 - 00:00 13-08-2010 - 14:43
CVE-2010-1526 6.8
Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpe
07-12-2010 - 01:47 24-08-2010 - 18:00
CVE-2010-2253 6.8
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Dis
06-11-2010 - 01:37 06-07-2010 - 13:17
CVE-2010-2799 6.8
Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-l
15-09-2010 - 00:00 14-09-2010 - 17:00
CVE-2010-0586 7.8
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Clie
21-08-2010 - 01:39 25-03-2010 - 17:00
CVE-2009-2869 7.8
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948.
21-08-2010 - 01:34 28-09-2009 - 15:30
CVE-2009-2867 7.8
Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP tr
21-08-2010 - 01:34 28-09-2009 - 15:30
CVE-2009-2049 5.4
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t a
21-08-2010 - 01:33 30-07-2009 - 14:30
CVE-2009-1168 7.1
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0;
21-08-2010 - 01:31 30-07-2009 - 14:30
CVE-2009-0631 7.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol
21-08-2010 - 01:30 27-03-2009 - 11:16
CVE-2009-0626 7.8
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
21-08-2010 - 01:30 27-03-2009 - 12:30
CVE-2008-3806 8.5
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of s
21-08-2010 - 01:23 26-09-2008 - 12:21
CVE-2010-2827 7.8
Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193.
20-08-2010 - 02:01 16-08-2010 - 14:39
CVE-2010-0584 7.8
Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250.
13-07-2010 - 01:50 25-03-2010 - 17:00
CVE-2010-0583 7.8
Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855.
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0582 7.8
Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0581 10.0
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability."
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0580 10.0
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0579 7.8
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability."
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0578 7.8
The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491.
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0577 7.1
Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz751
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0576 7.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to
13-04-2010 - 01:43 25-03-2010 - 17:00
CVE-2010-0585 7.8
Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Clie
01-04-2010 - 01:40 25-03-2010 - 17:00
CVE-2009-2865 7.6
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a d
17-12-2009 - 00:00 28-09-2009 - 15:30
CVE-2009-2873 7.1
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-2872 6.8
Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from on
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-2871 7.8
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002.
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-2870 7.8
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880.
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-2868 7.8
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee729
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-2866 7.8
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-2863 7.1
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
01-10-2009 - 01:24 28-09-2009 - 15:30
CVE-2009-0627 7.8
Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibl
09-09-2009 - 00:00 08-09-2009 - 19:30
CVE-2009-0637 7.1
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbit
24-07-2009 - 00:00 27-03-2009 - 12:30
CVE-2009-0630 7.1
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Co
24-07-2009 - 00:00 27-03-2009 - 12:30
CVE-2009-0629 5.4
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB),
24-07-2009 - 00:00 27-03-2009 - 12:30
CVE-2009-0635 7.1
Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a seque
02-04-2009 - 01:44 27-03-2009 - 12:30
CVE-2009-0636 7.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.
30-03-2009 - 00:00 27-03-2009 - 12:30
CVE-2005-3669 5.0
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the
04-03-2009 - 00:40 18-11-2005 - 16:03
CVE-2005-2451 2.1
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.
04-03-2009 - 00:37 03-08-2005 - 00:00
CVE-2005-2105 7.5
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
04-03-2009 - 00:35 05-07-2005 - 00:00
CVE-2005-1058 7.5
Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass X
04-03-2009 - 00:32 02-05-2005 - 00:00
CVE-2005-1057 7.5
Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."
04-03-2009 - 00:32 02-05-2005 - 00:00
CVE-2005-1021 7.1
Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.
04-03-2009 - 00:32 02-05-2005 - 00:00
CVE-2005-1020 7.1
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the
04-03-2009 - 00:32 02-05-2005 - 00:00
CVE-2005-0197 6.1
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
04-03-2009 - 00:29 02-05-2005 - 00:00
CVE-2005-0196 5.0
Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.
04-03-2009 - 00:29 02-05-2005 - 00:00
CVE-2005-0195 5.0
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
04-03-2009 - 00:29 02-05-2005 - 00:00
CVE-2005-0186 5.0
Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed p
04-03-2009 - 00:29 19-01-2005 - 00:00
CVE-2004-1111 5.0
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attacker
04-03-2009 - 00:23 10-01-2005 - 00:00
CVE-2004-0714 5.0
Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memo
04-03-2009 - 00:22 27-07-2004 - 00:00
CVE-2004-0589 5.0
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
04-03-2009 - 00:22 06-08-2004 - 00:00
CVE-2004-0244 4.7
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, b
04-03-2009 - 00:21 23-11-2004 - 00:00
CVE-2004-0054 7.5
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.22
04-03-2009 - 00:21 17-02-2004 - 00:00
CVE-2003-0567 7.8
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
04-03-2009 - 00:18 18-08-2003 - 00:00
CVE-2002-1360 10.0
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code du
04-03-2009 - 00:14 23-12-2002 - 00:00
CVE-2002-1359 10.0
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH
04-03-2009 - 00:14 23-12-2002 - 00:00
CVE-2002-1358 10.0
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
04-03-2009 - 00:14 23-12-2002 - 00:00
CVE-2002-1357 10.0
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH
04-03-2009 - 00:14 23-12-2002 - 00:00
CVE-2002-0012 10.0
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candi
10-09-2008 - 15:11 13-02-2002 - 00:00
CVE-2000-0984 5.0
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
10-09-2008 - 15:06 19-12-2000 - 00:00
CVE-2000-0268 5.0
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
10-09-2008 - 15:03 20-04-2000 - 00:00
CVE-2004-1464 5.0
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
10-09-2008 - 00:00 31-12-2004 - 00:00
CVE-2002-0053 7.5
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be
10-09-2008 - 00:00 08-03-2002 - 00:00
CVE-2000-0380 7.1
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
10-09-2008 - 00:00 26-04-2000 - 00:00
CVE-1999-0445 5.0
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
09-09-2008 - 08:34 01-04-1999 - 00:00
CVE-1999-0160 7.5
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
09-09-2008 - 08:33 01-10-1997 - 00:00
CVE-1999-0063 5.0
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.
09-09-2008 - 08:33 11-01-1999 - 00:00
CVE-2005-0068 5.0
The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1)
05-09-2008 - 16:45 22-12-2004 - 00:00
CVE-2005-0067 5.0
The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrate
05-09-2008 - 16:45 22-12-2004 - 00:00
CVE-2005-0066 5.0
The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement nu
05-09-2008 - 16:45 22-12-2004 - 00:00
CVE-2005-0065 10.0
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for a
05-09-2008 - 16:45 02-05-2005 - 00:00
CVE-2004-1776 7.5
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
05-09-2008 - 16:42 28-02-2001 - 00:00
CVE-2004-1775 5.0
Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.
05-09-2008 - 16:42 31-12-2004 - 00:00
CVE-2004-1454 5.0
Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.
05-09-2008 - 16:41 31-12-2004 - 00:00
CVE-2003-1109 7.5
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly e
05-09-2008 - 16:36 31-12-2003 - 00:00
CVE-2002-1706 5.0
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integ
05-09-2008 - 16:31 31-12-2002 - 00:00
CVE-2002-1024 7.1
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-0339 5.0
Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.
05-09-2008 - 16:27 25-06-2002 - 00:00
CVE-2001-1434 5.0
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
05-09-2008 - 16:26 28-02-2001 - 00:00
CVE-2001-1183 5.0
PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.
05-09-2008 - 16:25 12-07-2001 - 00:00
CVE-2001-0929 7.5
Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.
05-09-2008 - 16:25 28-11-2001 - 00:00
CVE-2001-0895 5.0
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the r
05-09-2008 - 16:25 15-11-2001 - 00:00
CVE-2001-0867 7.5
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0866 7.5
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0865 7.5
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0864 7.5
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0863 5.0
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragmen
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0862 7.5
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL.
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0861 5.0
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
05-09-2008 - 16:25 06-12-2001 - 00:00
CVE-2001-0750 5.0
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
05-09-2008 - 16:24 18-10-2001 - 00:00
CVE-2001-0711 5.0
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.
05-09-2008 - 16:24 31-08-2001 - 00:00
CVE-2001-0650 5.0
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0572 7.5
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies
05-09-2008 - 16:24 22-08-2001 - 00:00
CVE-2001-0288 7.5
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-1999-1465 7.5
Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with
05-09-2008 - 16:19 31-12-1999 - 00:00
CVE-1999-1464 7.5
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have
05-09-2008 - 16:19 31-12-1999 - 00:00
CVE-2001-0537 9.3
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
05-09-2008 - 00:00 21-07-2001 - 00:00
Back to Top Mark selected
Back to Top