VYPR

Cisco iOS

by Cisco Systems, Inc.

CVEs (951)

  • CVE-2002-1358Dec 23, 2002
    risk 0.00cvss epss 0.06

    Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

  • CVE-2002-1024Oct 4, 2002
    risk 0.00cvss epss 0.03

    Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

  • CVE-2002-0339Jun 25, 2002
    risk 0.00cvss epss 0.02

    Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.

  • CVE-2001-0861Dec 6, 2001
    risk 0.00cvss epss 0.02

    Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.

  • CVE-2001-0929Nov 28, 2001
    risk 0.00cvss epss 0.02

    Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.

  • CVE-2001-0750Oct 18, 2001
    risk 0.00cvss epss 0.02

    Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.

  • CVE-2001-1071Oct 9, 2001
    risk 0.00cvss epss 0.02

    Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.

  • CVE-2001-0650Sep 20, 2001
    risk 0.00cvss epss 0.02

    Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.

  • CVE-2001-1183Jul 12, 2001
    risk 0.00cvss epss 0.04

    PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.

  • CVE-2000-0368Mar 12, 2001
    risk 0.00cvss epss 0.00

    Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.

  • CVE-2001-1434Feb 28, 2001
    risk 0.00cvss epss 0.03

    Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.

  • CVE-2004-1776Feb 28, 2001
    risk 0.00cvss epss 0.03

    Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.

  • CVE-2000-0700Oct 20, 2000
    risk 0.00cvss epss 0.02

    Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop…

  • CVE-2000-0486May 30, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.

  • CVE-2000-0345May 3, 2000
    risk 0.00cvss epss 0.01

    The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.

  • CVE-2000-0268Apr 20, 2000
    risk 0.00cvss epss 0.02

    Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.

  • CVE-1999-1175Dec 31, 1999
    risk 0.00cvss epss 0.02

    Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.

  • CVE-1999-1464Dec 31, 1999
    risk 0.00cvss epss 0.02

    Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by…

  • CVE-1999-1465Dec 31, 1999
    risk 0.00cvss epss 0.02

    Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as…

  • CVE-1999-1129Sep 1, 1999
    risk 0.00cvss epss 0.02

    Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.

Page 47 of 48