Cisco iOS
CVEs (951)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2006-4775 | 0.00 | — | 0.05 | Sep 14, 2006 | The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed… | |||
| CVE-2006-4650 | 0.00 | — | 0.03 | Sep 9, 2006 | Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which… | |||
| CVE-2006-3906 | 0.00 | — | 0.07 | Jul 27, 2006 | Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it… | |||
| CVE-2006-3291 | 0.00 | — | 0.04 | Jun 28, 2006 | The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password… | |||
| CVE-2006-0485 | 0.00 | — | 0.00 | Feb 1, 2006 | The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS… | |||
| CVE-2006-0486 | 0.00 | — | 0.00 | Feb 1, 2006 | Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before… | |||
| CVE-2006-0340 | 0.00 | — | 0.03 | Jan 21, 2006 | Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a… | |||
| CVE-2005-4826 | 0.00 | — | 0.01 | Dec 31, 2005 | Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774,… | |||
| CVE-2005-4436 | 0.00 | — | 0.02 | Dec 21, 2005 | Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2)… | |||
| CVE-2005-4437 | 0.00 | — | 0.02 | Dec 21, 2005 | MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP… | |||
| CVE-2005-4258 | 0.00 | — | 0.02 | Dec 15, 2005 | Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are… | |||
| CVE-2005-3921 | 0.00 | — | 0.03 | Nov 30, 2005 | Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by… | |||
| CVE-2005-3669 | 0.00 | — | 0.05 | Nov 18, 2005 | Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for… | |||
| CVE-2005-2451 | 0.00 | — | 0.01 | Aug 3, 2005 | Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | |||
| CVE-2005-2105 | 0.00 | — | 0.03 | Jul 5, 2005 | Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. | |||
| CVE-2005-0195 | 0.00 | — | 0.04 | May 2, 2005 | Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. | |||
| CVE-2005-0197 | 0.00 | — | 0.02 | May 2, 2005 | Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | |||
| CVE-2005-1020 | 0.00 | — | 0.02 | May 2, 2005 | Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently… | |||
| CVE-2005-0196 | 0.00 | — | 0.04 | May 2, 2005 | Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. | |||
| CVE-2005-1058 | 0.00 | — | 0.01 | May 2, 2005 | Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2… |
- CVE-2006-4775Sep 14, 2006risk 0.00cvss —epss 0.05
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed…
- CVE-2006-4650Sep 9, 2006risk 0.00cvss —epss 0.03
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which…
- CVE-2006-3906Jul 27, 2006risk 0.00cvss —epss 0.07
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it…
- CVE-2006-3291Jun 28, 2006risk 0.00cvss —epss 0.04
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password…
- CVE-2006-0485Feb 1, 2006risk 0.00cvss —epss 0.00
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS…
- CVE-2006-0486Feb 1, 2006risk 0.00cvss —epss 0.00
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before…
- CVE-2006-0340Jan 21, 2006risk 0.00cvss —epss 0.03
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a…
- CVE-2005-4826Dec 31, 2005risk 0.00cvss —epss 0.01
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774,…
- CVE-2005-4436Dec 21, 2005risk 0.00cvss —epss 0.02
Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS after 12.3(2), 12.3(3)B, and 12.3(2)T and other products, allows remote attackers to cause a denial of service by sending a "spoofed neighbor announcement" with (1) mismatched k values or (2)…
- CVE-2005-4437Dec 21, 2005risk 0.00cvss —epss 0.02
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message hashes and (1) replay EIGRP…
- CVE-2005-4258Dec 15, 2005risk 0.00cvss —epss 0.02
Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are…
- CVE-2005-3921Nov 30, 2005risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by…
- CVE-2005-3669Nov 18, 2005risk 0.00cvss —epss 0.05
Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for…
- CVE-2005-2451Aug 3, 2005risk 0.00cvss —epss 0.01
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.
- CVE-2005-2105Jul 5, 2005risk 0.00cvss —epss 0.03
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
- CVE-2005-0195May 2, 2005risk 0.00cvss —epss 0.04
Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.
- CVE-2005-0197May 2, 2005risk 0.00cvss —epss 0.02
Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface.
- CVE-2005-1020May 2, 2005risk 0.00cvss —epss 0.02
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently…
- CVE-2005-0196May 2, 2005risk 0.00cvss —epss 0.04
Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.
- CVE-2005-1058May 2, 2005risk 0.00cvss —epss 0.01
Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2…
Page 45 of 48