VYPR

Css11000 Content Services Switch

by Cisco Systems, Inc.

CVEs (11)

  • CVE-2004-0079HigNov 23, 2004
    risk 0.50cvss 7.5epss 0.10

    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

  • CVE-2005-0356May 31, 2005
    risk 0.10cvss epss 0.83

    Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later…

  • CVE-2004-0112Nov 23, 2004
    risk 0.01cvss epss 0.10

    The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake…

  • CVE-2004-0081Nov 23, 2004
    risk 0.01cvss epss 0.07

    OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

  • CVE-2004-0352Nov 23, 2004
    risk 0.00cvss epss 0.03

    Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.

  • CVE-2003-1132Dec 31, 2003
    risk 0.00cvss epss 0.02

    The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service…

  • CVE-2003-0851Dec 1, 2003
    risk 0.00cvss epss 0.05

    OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

  • CVE-2002-1024Oct 4, 2002
    risk 0.00cvss epss 0.03

    Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

  • CVE-2001-0412Jun 18, 2001
    risk 0.00cvss epss 0.00

    Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.

  • CVE-2001-0020Feb 12, 2001
    risk 0.00cvss epss 0.01

    Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.

  • CVE-2001-0019Feb 12, 2001
    risk 0.00cvss epss 0.00

    Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.