Max CVSS 10.0 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2006-3906 5.0
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the sess
02-07-2024 - 12:57 27-07-2006 - 22:04
CVE-2005-3669 5.0
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the
02-07-2024 - 12:57 18-11-2005 - 21:03
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
28-12-2023 - 15:33 23-11-2004 - 05:00
CVE-2007-2586 9.3
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that i
09-05-2023 - 13:53 10-05-2007 - 00:19
CVE-2008-3804 7.1
Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path
29-08-2022 - 21:04 26-09-2008 - 16:21
CVE-2004-0589 4.3
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
24-08-2022 - 15:40 06-08-2004 - 04:00
CVE-2008-3813 7.8
Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet.
02-06-2022 - 17:22 26-09-2008 - 16:21
CVE-2008-3812 7.1
Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet.
02-06-2022 - 17:20 26-09-2008 - 16:21
CVE-2008-3809 7.1
Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet.
02-06-2022 - 17:19 26-09-2008 - 16:21
CVE-2008-3807 9.3
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this commun
02-06-2022 - 17:18 26-09-2008 - 16:21
CVE-2008-3808 7.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.
02-06-2022 - 17:18 26-09-2008 - 16:21
CVE-2008-3805 8.5
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of s
02-06-2022 - 17:17 26-09-2008 - 16:21
CVE-2008-3803 5.1
A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from oth
02-06-2022 - 17:16 26-09-2008 - 16:21
CVE-2008-3802 7.1
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Ci
02-06-2022 - 17:13 26-09-2008 - 16:21
CVE-2008-3801 7.1
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device
02-06-2022 - 17:12 26-09-2008 - 16:21
CVE-2008-3800 7.1
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device
02-06-2022 - 17:11 26-09-2008 - 16:21
CVE-2008-3799 7.8
Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP
02-06-2022 - 17:10 26-09-2008 - 16:21
CVE-2008-3798 7.8
Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session.
02-06-2022 - 17:09 26-09-2008 - 16:21
CVE-2008-2739 7.8
The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different
02-06-2022 - 17:09 26-09-2008 - 16:21
CVE-2007-0918 7.1
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations tha
02-06-2022 - 17:09 14-02-2007 - 02:28
CVE-2006-3894 5.0
The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco products, and other products, allows remote attackers to cause a denial of service via malformed ASN.1 objects.
17-12-2021 - 20:00 22-05-2007 - 19:30
CVE-2007-2587 6.3
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).
22-05-2020 - 17:01 10-05-2007 - 00:19
CVE-2007-2688 7.8
The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
30-10-2018 - 16:26 16-05-2007 - 01:19
CVE-2003-0851 5.0
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
30-10-2018 - 16:26 01-12-2003 - 05:00
CVE-2007-1270 5.0
Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors.
30-10-2018 - 16:26 06-04-2007 - 00:19
CVE-2003-0567 7.8
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
30-10-2018 - 16:26 18-08-2003 - 04:00
CVE-2004-0714 5.0
Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memo
30-10-2018 - 16:26 27-07-2004 - 04:00
CVE-2008-0960 10.0
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
30-10-2018 - 16:25 10-06-2008 - 18:32
CVE-2007-4632 4.3
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authent
26-10-2018 - 14:04 31-08-2007 - 23:17
CVE-2006-0225 4.6
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
19-10-2018 - 15:43 25-01-2006 - 11:03
CVE-2005-4826 6.1
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different iss
19-10-2018 - 15:41 31-12-2005 - 05:00
CVE-2005-4436 7.8
Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) m
19-10-2018 - 15:40 21-12-2005 - 01:03
CVE-2005-4437 7.5
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message
19-10-2018 - 15:40 21-12-2005 - 01:03
CVE-2005-3921 2.6
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memor
19-10-2018 - 15:39 30-11-2005 - 11:03
CVE-2004-1060 5.0
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment w
19-10-2018 - 15:30 12-04-2004 - 04:00
CVE-2004-0230 5.0
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that u
19-10-2018 - 15:30 18-08-2004 - 04:00
CVE-2006-4924 7.8
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
17-10-2018 - 21:40 27-09-2006 - 01:07
CVE-2006-4650 2.6
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect
17-10-2018 - 21:38 09-09-2006 - 00:04
CVE-2007-4286 9.3
Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.
15-10-2018 - 21:34 09-08-2007 - 21:17
CVE-2003-0543 5.0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
03-05-2018 - 01:29 17-11-2003 - 05:00
CVE-2001-0328 5.0
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected IS
19-10-2017 - 01:29 27-06-2001 - 04:00
CVE-2001-0380 6.4
Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.
19-10-2017 - 01:29 18-06-2001 - 04:00
CVE-2007-3283 6.8
GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
11-10-2017 - 01:32 19-06-2007 - 22:30
CVE-2007-2813 7.8
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
11-10-2017 - 01:32 22-05-2007 - 19:30
CVE-2006-3595 7.5
The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.
11-10-2017 - 01:31 18-07-2006 - 15:37
CVE-2006-4950 10.0
Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOC
11-10-2017 - 01:31 23-09-2006 - 10:07
CVE-2007-0481 7.8
Cisco IOS allows remote attackers to cause a denial of service (crash) via a crafted IPv6 Type 0 Routing header.
11-10-2017 - 01:31 25-01-2007 - 00:28
CVE-2007-0648 7.8
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
11-10-2017 - 01:31 01-02-2007 - 01:28
CVE-2007-1257 10.0
The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address. Per: http://www.cisco.com/warp/public/707/c
11-10-2017 - 01:31 03-03-2007 - 20:19
CVE-2007-0917 6.4
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.
11-10-2017 - 01:31 14-02-2007 - 02:28
CVE-2007-0479 7.8
Memory leak in the TCP listener in Cisco IOS 9.x, 10.x, 11.x, and 12.x allows remote attackers to cause a denial of service by sending crafted TCP traffic to an IPv4 address on the IOS device.
11-10-2017 - 01:31 25-01-2007 - 00:28
CVE-2007-0480 10.0
Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.
11-10-2017 - 01:31 25-01-2007 - 00:28
CVE-2007-1258 6.1
Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial
11-10-2017 - 01:31 03-03-2007 - 20:19
CVE-2007-0199 5.0
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
11-10-2017 - 01:31 11-01-2007 - 11:28
CVE-2005-1020 7.1
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the
11-10-2017 - 01:30 02-05-2005 - 04:00
CVE-2005-1057 7.5
Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."
11-10-2017 - 01:30 02-05-2005 - 04:00
CVE-2005-2105 7.5
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
11-10-2017 - 01:30 05-07-2005 - 04:00
CVE-2006-0486 4.6
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user d
11-10-2017 - 01:30 01-02-2006 - 02:02
CVE-2006-0354 5.5
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number
11-10-2017 - 01:30 22-01-2006 - 20:03
CVE-2005-3396 7.5
Buffer overflow in the chcons (chcon) command in IBM AIX 5.2 and 5.3, when DEBUG MALLOC is enabled, might allow attackers to execute arbitrary code via a long command line argument.
11-10-2017 - 01:30 01-11-2005 - 12:47
CVE-2005-2451 2.1
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.
11-10-2017 - 01:30 03-08-2005 - 04:00
CVE-2005-3481 9.3
Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasi
11-10-2017 - 01:30 03-11-2005 - 02:02
CVE-2005-1021 7.1
Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.
11-10-2017 - 01:30 02-05-2005 - 04:00
CVE-2005-1058 7.5
Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass X
11-10-2017 - 01:30 02-05-2005 - 04:00
CVE-2005-2841 7.5
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted u
11-10-2017 - 01:30 08-09-2005 - 10:03
CVE-2006-0485 4.6
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allo
11-10-2017 - 01:30 01-02-2006 - 02:02
CVE-2002-1358 10.0
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
11-10-2017 - 01:29 23-12-2002 - 05:00
CVE-2002-1357 10.0
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH
11-10-2017 - 01:29 23-12-2002 - 05:00
CVE-2002-1359 10.0
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH
11-10-2017 - 01:29 23-12-2002 - 05:00
CVE-2002-1360 10.0
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code du
11-10-2017 - 01:29 23-12-2002 - 05:00
CVE-2005-0196 5.0
Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.
11-10-2017 - 01:29 02-05-2005 - 04:00
CVE-2005-0186 5.0
Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed p
11-10-2017 - 01:29 19-01-2005 - 05:00
CVE-2004-0244 4.7
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, b
11-10-2017 - 01:29 23-11-2004 - 05:00
CVE-2003-0511 5.0
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.
11-10-2017 - 01:29 27-08-2003 - 04:00
CVE-2005-0197 6.1
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
11-10-2017 - 01:29 02-05-2005 - 04:00
CVE-2003-1108 5.0
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-si
11-10-2017 - 01:29 31-12-2003 - 05:00
CVE-2003-0512 5.0
Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessi
11-10-2017 - 01:29 27-08-2003 - 04:00
CVE-2005-0195 5.0
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
11-10-2017 - 01:29 02-05-2005 - 04:00
CVE-2004-0054 7.5
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.22
11-10-2017 - 01:29 17-02-2004 - 05:00
CVE-2004-0710 5.0
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of ser
11-10-2017 - 01:29 27-07-2004 - 04:00
CVE-2004-1111 5.0
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attacker
11-10-2017 - 01:29 10-01-2005 - 05:00
CVE-2003-0305 5.0
The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.
11-10-2017 - 01:29 09-06-2003 - 04:00
CVE-2008-3815 4.3
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Mi
29-09-2017 - 01:31 23-10-2008 - 22:00
CVE-2008-3810 7.8
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than C
29-09-2017 - 01:31 26-09-2008 - 16:21
CVE-2008-3816 7.8
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet.
29-09-2017 - 01:31 23-10-2008 - 22:00
CVE-2008-3811 7.8
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnera
29-09-2017 - 01:31 26-09-2008 - 16:21
CVE-2008-3817 7.8
Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets,
29-09-2017 - 01:31 23-10-2008 - 22:00
CVE-2008-1151 7.1
Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated afte
29-09-2017 - 01:30 27-03-2008 - 17:44
CVE-2008-1156 5.1
Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree
29-09-2017 - 01:30 27-03-2008 - 10:44
CVE-2008-0509 4.4
Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.
29-09-2017 - 01:30 31-01-2008 - 20:00
CVE-2008-1152 7.8
The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets.
29-09-2017 - 01:30 27-03-2008 - 17:44
CVE-2008-1153 7.1
Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device.
29-09-2017 - 01:30 27-03-2008 - 10:44
CVE-2008-1159 7.1
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293.
29-09-2017 - 01:30 22-05-2008 - 13:09
CVE-2008-1150 7.1
The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) dat
29-09-2017 - 01:30 27-03-2008 - 17:44
CVE-2008-1274 6.9
Untrusted search path vulnerability in man in IBM AIX 6.1.0 allows local users to execute arbitrary code via a malicious program in the man directory. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
29-09-2017 - 01:30 10-03-2008 - 23:44
CVE-2008-0242 7.2
Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions.
29-09-2017 - 01:30 12-01-2008 - 02:46
CVE-2007-5651 7.1
Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and
29-09-2017 - 01:29 23-10-2007 - 21:47
CVE-2007-4623 7.2
Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command.
29-09-2017 - 01:29 05-11-2007 - 16:46
CVE-2007-4285 9.0
Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or
29-09-2017 - 01:29 09-08-2007 - 21:17
CVE-2007-4294 6.8
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
29-09-2017 - 01:29 09-08-2007 - 21:17
CVE-2007-4293 7.1
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505.
29-09-2017 - 01:29 09-08-2007 - 21:17
CVE-2007-4263 8.5
Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors.
29-09-2017 - 01:29 08-08-2007 - 23:17
CVE-2007-4295 6.8
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749.
29-09-2017 - 01:29 09-08-2007 - 21:17
CVE-2007-4291 7.1
Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with
29-09-2017 - 01:29 09-08-2007 - 21:17
CVE-2007-3471 7.2
Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
29-09-2017 - 01:29 28-06-2007 - 18:30
CVE-2007-4292 9.3
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, an
29-09-2017 - 01:29 09-08-2007 - 21:17
Back to Top Mark selected
Back to Top