Cisco iOS
CVEs (951)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0775 | 0.00 | — | 0.03 | Jun 10, 1999 | Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | |||
| CVE-1999-0445 | 0.00 | — | 0.01 | Apr 1, 1999 | In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | |||
| CVE-1999-0222 | 0.00 | — | 0.01 | Mar 1, 1999 | Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. | |||
| CVE-1999-0162 | 0.00 | — | 0.02 | Sep 1, 1998 | The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | |||
| CVE-1999-0157 | 0.00 | — | 0.01 | Aug 18, 1998 | Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service. | |||
| CVE-1999-0293 | 0.00 | — | 0.03 | Jan 1, 1998 | AAA authentication on Cisco systems allows attackers to execute commands without authorization. | |||
| CVE-1999-0230 | 0.00 | — | 0.01 | Dec 15, 1997 | Buffer overflow in Cisco 7xx routers through the telnet service. | |||
| CVE-1999-0160 | 0.00 | — | 0.01 | Oct 1, 1997 | Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | |||
| CVE-1999-0161 | 0.00 | — | 0.02 | Jul 31, 1995 | In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. | |||
| CVE-1999-1466 | 0.00 | — | 0.02 | Dec 10, 1992 | Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | |||
| CVE-1999-1306 | 0.00 | — | 0.01 | Dec 10, 1992 | Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. |
- CVE-1999-0775Jun 10, 1999risk 0.00cvss —epss 0.03
Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
- CVE-1999-0445Apr 1, 1999risk 0.00cvss —epss 0.01
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
- CVE-1999-0222Mar 1, 1999risk 0.00cvss —epss 0.01
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.
- CVE-1999-0162Sep 1, 1998risk 0.00cvss —epss 0.02
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.
- CVE-1999-0157Aug 18, 1998risk 0.00cvss —epss 0.01
Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.
- CVE-1999-0293Jan 1, 1998risk 0.00cvss —epss 0.03
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
- CVE-1999-0230Dec 15, 1997risk 0.00cvss —epss 0.01
Buffer overflow in Cisco 7xx routers through the telnet service.
- CVE-1999-0160Oct 1, 1997risk 0.00cvss —epss 0.01
Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.
- CVE-1999-0161Jul 31, 1995risk 0.00cvss —epss 0.02
In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering.
- CVE-1999-1466Dec 10, 1992risk 0.00cvss —epss 0.02
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
- CVE-1999-1306Dec 10, 1992risk 0.00cvss —epss 0.01
Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
Page 48 of 48