Total
599 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1360 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-1999-0157 | 1 Cisco | 2 Ios, Pix Firewall Software | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | |||||
CVE-2003-0512 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. | |||||
CVE-1999-0063 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | |||||
CVE-2002-2315 | 1 Cisco | 1 Ios | 2023-12-10 | 7.8 HIGH | N/A |
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. | |||||
CVE-1999-0160 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||||
CVE-2002-1357 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2002-2053 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | |||||
CVE-2004-1454 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. | |||||
CVE-2002-1358 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2001-0288 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
CVE-2002-0813 | 1 Cisco | 1 Ios | 2023-12-10 | 7.1 HIGH | N/A |
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | |||||
CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | |||||
CVE-2003-1398 | 1 Cisco | 1 Ios | 2023-12-10 | 9.3 HIGH | N/A |
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | |||||
CVE-2004-0589 | 1 Cisco | 1 Ios | 2023-12-10 | 4.3 MEDIUM | N/A |
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. | |||||
CVE-2004-0710 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
CVE-2004-1464 | 1 Cisco | 1 Ios | 2023-12-10 | 5.0 MEDIUM | N/A |
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | |||||
CVE-2004-1776 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | |||||
CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2023-12-10 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-1999-1306 | 1 Cisco | 1 Ios | 2023-12-10 | 7.5 HIGH | N/A |
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. |