VYPR

Cisco iOS

by Cisco Systems, Inc.

CVEs (951)

  • CVE-2005-0195May 2, 2005
    risk 0.00cvss epss 0.04

    Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.

  • CVE-2005-1058May 2, 2005
    risk 0.00cvss epss 0.01

    Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2…

  • CVE-2005-0186Jan 19, 2005
    risk 0.00cvss epss 0.03

    Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.

  • CVE-2004-1111Jan 10, 2005
    risk 0.00cvss epss 0.02

    Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of…

  • CVE-2004-1775Dec 31, 2004
    risk 0.00cvss epss 0.02

    Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.

  • CVE-2004-1454Dec 31, 2004
    risk 0.00cvss epss 0.03

    Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.

  • CVE-2004-0589Aug 6, 2004
    risk 0.00cvss epss 0.03

    Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.

  • CVE-2004-0714Jul 27, 2004
    risk 0.00cvss epss 0.03

    Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

  • CVE-2004-0710Jul 27, 2004
    risk 0.00cvss epss 0.02

    IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and…

  • CVE-2004-0054Feb 17, 2004
    risk 0.00cvss epss 0.05

    Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.

  • CVE-2003-1398Dec 31, 2003
    risk 0.00cvss epss 0.02

    Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).

  • CVE-2003-0851Dec 1, 2003
    risk 0.00cvss epss 0.05

    OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

  • CVE-2003-0512Aug 27, 2003
    risk 0.00cvss epss 0.03

    Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the…

  • CVE-2003-0305Jun 9, 2003
    risk 0.00cvss epss 0.01

    The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.

  • CVE-2002-2053Dec 31, 2002
    risk 0.00cvss epss 0.02

    The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.

  • CVE-2002-2052Dec 31, 2002
    risk 0.00cvss epss 0.02

    Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the…

  • CVE-2002-2239Dec 31, 2002
    risk 0.00cvss epss 0.02

    The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.

  • CVE-2002-2208Dec 31, 2002
    risk 0.00cvss epss 0.04

    Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on…

  • CVE-2002-1768Dec 31, 2002
    risk 0.00cvss epss 0.02

    Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.

  • CVE-2002-1358Dec 23, 2002
    risk 0.00cvss epss 0.06

    Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.