Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Ios
Total 599 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-1360 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2023-12-10 10.0 HIGH N/A
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.
CVE-1999-0157 1 Cisco 2 Ios, Pix Firewall Software 2023-12-10 5.0 MEDIUM N/A
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
CVE-2003-0512 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
CVE-1999-0063 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.
CVE-2002-2315 1 Cisco 1 Ios 2023-12-10 7.8 HIGH N/A
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router.
CVE-1999-0160 1 Cisco 1 Ios 2023-12-10 7.5 HIGH N/A
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
CVE-2002-1357 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2023-12-10 10.0 HIGH N/A
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
CVE-2002-2053 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.
CVE-2004-1454 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.
CVE-2002-1358 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2023-12-10 10.0 HIGH N/A
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
CVE-2001-0288 1 Cisco 1 Ios 2023-12-10 7.5 HIGH N/A
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVE-2002-0813 1 Cisco 1 Ios 2023-12-10 7.1 HIGH N/A
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
CVE-2001-1071 1 Cisco 2 Catos, Ios 2023-12-10 5.0 MEDIUM N/A
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
CVE-2003-1398 1 Cisco 1 Ios 2023-12-10 9.3 HIGH N/A
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).
CVE-2004-0589 1 Cisco 1 Ios 2023-12-10 4.3 MEDIUM N/A
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
CVE-2004-0710 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
CVE-2004-1464 1 Cisco 1 Ios 2023-12-10 5.0 MEDIUM N/A
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
CVE-2004-1776 1 Cisco 1 Ios 2023-12-10 7.5 HIGH N/A
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
CVE-2002-1359 7 Cisco, Fissh, Intersoft and 4 more 7 Ios, Ssh Client, Securenetterm and 4 more 2023-12-10 10.0 HIGH N/A
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
CVE-1999-1306 1 Cisco 1 Ios 2023-12-10 7.5 HIGH N/A
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.