Css11000 Content Services Switch
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0079 | Hig | 0.50 | 7.5 | 0.10 | Nov 23, 2004 | The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||
| CVE-2005-0356 | 0.10 | — | 0.83 | May 31, 2005 | Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later… | |||
| CVE-2004-0112 | 0.01 | — | 0.10 | Nov 23, 2004 | The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake… | |||
| CVE-2004-0081 | 0.01 | — | 0.07 | Nov 23, 2004 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||
| CVE-2004-0352 | 0.00 | — | 0.03 | Nov 23, 2004 | Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. | |||
| CVE-2003-1132 | 0.00 | — | 0.02 | Dec 31, 2003 | The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service… | |||
| CVE-2003-0851 | 0.00 | — | 0.05 | Dec 1, 2003 | OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | |||
| CVE-2002-1024 | 0.00 | — | 0.03 | Oct 4, 2002 | Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). | |||
| CVE-2001-0412 | 0.00 | — | 0.00 | Jun 18, 2001 | Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||
| CVE-2001-0020 | 0.00 | — | 0.01 | Feb 12, 2001 | Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | |||
| CVE-2001-0019 | 0.00 | — | 0.00 | Feb 12, 2001 | Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. |
- risk 0.50cvss 7.5epss 0.10
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
- CVE-2005-0356May 31, 2005risk 0.10cvss —epss 0.83
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later…
- CVE-2004-0112Nov 23, 2004risk 0.01cvss —epss 0.10
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake…
- CVE-2004-0081Nov 23, 2004risk 0.01cvss —epss 0.07
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
- CVE-2004-0352Nov 23, 2004risk 0.00cvss —epss 0.03
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
- CVE-2003-1132Dec 31, 2003risk 0.00cvss —epss 0.02
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service…
- CVE-2003-0851Dec 1, 2003risk 0.00cvss —epss 0.05
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
- CVE-2002-1024Oct 4, 2002risk 0.00cvss —epss 0.03
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
- CVE-2001-0412Jun 18, 2001risk 0.00cvss —epss 0.00
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
- CVE-2001-0020Feb 12, 2001risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.
- CVE-2001-0019Feb 12, 2001risk 0.00cvss —epss 0.00
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.