Vendor CVEs
Cisco Systems, Inc.
All CVEs
7,231 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1595 | 0.00 | — | 0.02 | Jan 9, 2002 | Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization. | |||
| CVE-2001-1210 | 0.00 | — | 0.02 | Dec 30, 2001 | Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||
| CVE-2001-0867 | 0.00 | — | 0.02 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | |||
| CVE-2001-0863 | 0.00 | — | 0.02 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. | |||
| CVE-2001-0866 | 0.00 | — | 0.02 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls. | |||
| CVE-2001-0861 | 0.00 | — | 0.02 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. | |||
| CVE-2001-0865 | 0.00 | — | 0.01 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||
| CVE-2001-0864 | 0.00 | — | 0.01 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. | |||
| CVE-2001-0862 | 0.00 | — | 0.02 | Dec 6, 2001 | Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | |||
| CVE-2001-0929 | 0.00 | — | 0.02 | Nov 28, 2001 | Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | |||
| CVE-2001-0895 | 0.00 | — | 0.02 | Nov 15, 2001 | Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC… | |||
| CVE-2001-0754 | 0.00 | — | 0.01 | Oct 18, 2001 | Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | |||
| CVE-2001-0752 | 0.00 | — | 0.02 | Oct 18, 2001 | Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | |||
| CVE-2001-0750 | 0.00 | — | 0.02 | Oct 18, 2001 | Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. | |||
| CVE-2001-0753 | 0.00 | — | 0.01 | Oct 18, 2001 | Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | |||
| CVE-2001-0783 | 0.00 | — | 0.02 | Oct 18, 2001 | Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. | |||
| CVE-2001-0757 | 0.00 | — | 0.03 | Oct 18, 2001 | Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | |||
| CVE-2001-1098 | 0.00 | — | 0.00 | Oct 10, 2001 | Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file. | |||
| CVE-2001-1071 | 0.00 | — | 0.02 | Oct 9, 2001 | Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | |||
| CVE-2001-0650 | 0.00 | — | 0.02 | Sep 20, 2001 | Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||
| CVE-2001-1105 | 0.00 | — | 0.03 | Sep 12, 2001 | RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure. | |||
| CVE-2001-1065 | 0.00 | — | 0.01 | Aug 31, 2001 | Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | |||
| CVE-2001-0621 | 0.00 | — | 0.01 | Aug 14, 2001 | The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | |||
| CVE-2001-0622 | 0.00 | — | 0.02 | Aug 14, 2001 | The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | |||
| CVE-2001-1183 | 0.00 | — | 0.04 | Jul 12, 2001 | PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | |||
| CVE-2001-1038 | 0.00 | — | 0.02 | Jul 11, 2001 | Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023. | |||
| CVE-2001-0444 | 0.00 | — | 0.00 | Jul 2, 2001 | Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||
| CVE-2001-0428 | 0.00 | — | 0.02 | Jul 2, 2001 | Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. | |||
| CVE-2001-0429 | 0.00 | — | 0.01 | Jul 2, 2001 | Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. | |||
| CVE-2001-0455 | 0.00 | — | 0.02 | Jun 27, 2001 | Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | |||
| CVE-2001-0412 | 0.00 | — | 0.00 | Jun 18, 2001 | Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||
| CVE-2001-0427 | 0.00 | — | 0.03 | Jun 18, 2001 | Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | |||
| CVE-2000-0368 | 0.00 | — | 0.00 | Mar 12, 2001 | Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. | |||
| CVE-2004-1776 | 0.00 | — | 0.03 | Feb 28, 2001 | Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | |||
| CVE-2001-1434 | 0.00 | — | 0.03 | Feb 28, 2001 | Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | |||
| CVE-2001-0056 | 0.00 | — | 0.01 | Feb 16, 2001 | The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | |||
| CVE-2001-0058 | 0.00 | — | 0.02 | Feb 16, 2001 | The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. | |||
| CVE-2001-0057 | 0.00 | — | 0.01 | Feb 16, 2001 | Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | |||
| CVE-2001-0055 | 0.00 | — | 0.01 | Feb 16, 2001 | CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. | |||
| CVE-2001-0019 | 0.00 | — | 0.00 | Feb 12, 2001 | Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. | |||
| CVE-2001-0020 | 0.00 | — | 0.01 | Feb 12, 2001 | Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | |||
| CVE-2001-1037 | 0.00 | — | 0.00 | Jan 8, 2001 | Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged. | |||
| CVE-2001-0161 | 0.00 | — | 0.01 | Jan 1, 2001 | Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. | |||
| CVE-2000-1056 | 0.00 | — | 0.02 | Dec 11, 2000 | CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | |||
| CVE-2000-1055 | 0.00 | — | 0.04 | Dec 11, 2000 | Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet. | |||
| CVE-2000-0700 | 0.00 | — | 0.02 | Oct 20, 2000 | Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop… | |||
| CVE-2000-0486 | 0.00 | — | 0.02 | May 30, 2000 | Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | |||
| CVE-2000-0345 | 0.00 | — | 0.01 | May 3, 2000 | The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |||
| CVE-2000-0267 | 0.00 | — | 0.00 | Apr 20, 2000 | Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. | |||
| CVE-2000-0268 | 0.00 | — | 0.02 | Apr 20, 2000 | Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. |
- CVE-2002-1595Jan 9, 2002risk 0.00cvss —epss 0.02
Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization.
- CVE-2001-1210Dec 30, 2001risk 0.00cvss —epss 0.02
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings.
- CVE-2001-0867Dec 6, 2001risk 0.00cvss —epss 0.02
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.
- CVE-2001-0863Dec 6, 2001risk 0.00cvss —epss 0.02
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
- CVE-2001-0866Dec 6, 2001risk 0.00cvss —epss 0.02
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
- CVE-2001-0861Dec 6, 2001risk 0.00cvss —epss 0.02
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
- CVE-2001-0865Dec 6, 2001risk 0.00cvss —epss 0.01
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
- CVE-2001-0864Dec 6, 2001risk 0.00cvss —epss 0.01
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
- CVE-2001-0862Dec 6, 2001risk 0.00cvss —epss 0.02
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL.
- CVE-2001-0929Nov 28, 2001risk 0.00cvss —epss 0.02
Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.
- CVE-2001-0895Nov 15, 2001risk 0.00cvss —epss 0.02
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC…
- CVE-2001-0754Oct 18, 2001risk 0.00cvss —epss 0.01
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
- CVE-2001-0752Oct 18, 2001risk 0.00cvss —epss 0.02
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
- CVE-2001-0750Oct 18, 2001risk 0.00cvss —epss 0.02
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
- CVE-2001-0753Oct 18, 2001risk 0.00cvss —epss 0.01
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
- CVE-2001-0783Oct 18, 2001risk 0.00cvss —epss 0.02
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.
- CVE-2001-0757Oct 18, 2001risk 0.00cvss —epss 0.03
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.
- CVE-2001-1098Oct 10, 2001risk 0.00cvss —epss 0.00
Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.
- CVE-2001-1071Oct 9, 2001risk 0.00cvss —epss 0.02
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
- CVE-2001-0650Sep 20, 2001risk 0.00cvss —epss 0.02
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
- CVE-2001-1105Sep 12, 2001risk 0.00cvss —epss 0.03
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
- CVE-2001-1065Aug 31, 2001risk 0.00cvss —epss 0.01
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
- CVE-2001-0621Aug 14, 2001risk 0.00cvss —epss 0.01
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
- CVE-2001-0622Aug 14, 2001risk 0.00cvss —epss 0.02
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
- CVE-2001-1183Jul 12, 2001risk 0.00cvss —epss 0.04
PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.
- CVE-2001-1038Jul 11, 2001risk 0.00cvss —epss 0.02
Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023.
- CVE-2001-0444Jul 2, 2001risk 0.00cvss —epss 0.00
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.
- CVE-2001-0428Jul 2, 2001risk 0.00cvss —epss 0.02
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
- CVE-2001-0429Jul 2, 2001risk 0.00cvss —epss 0.01
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
- CVE-2001-0455Jun 27, 2001risk 0.00cvss —epss 0.02
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.
- CVE-2001-0412Jun 18, 2001risk 0.00cvss —epss 0.00
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
- CVE-2001-0427Jun 18, 2001risk 0.00cvss —epss 0.03
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
- CVE-2000-0368Mar 12, 2001risk 0.00cvss —epss 0.00
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
- CVE-2004-1776Feb 28, 2001risk 0.00cvss —epss 0.03
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
- CVE-2001-1434Feb 28, 2001risk 0.00cvss —epss 0.03
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
- CVE-2001-0056Feb 16, 2001risk 0.00cvss —epss 0.01
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection.
- CVE-2001-0058Feb 16, 2001risk 0.00cvss —epss 0.02
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character.
- CVE-2001-0057Feb 16, 2001risk 0.00cvss —epss 0.01
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
- CVE-2001-0055Feb 16, 2001risk 0.00cvss —epss 0.01
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
- CVE-2001-0019Feb 12, 2001risk 0.00cvss —epss 0.00
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.
- CVE-2001-0020Feb 12, 2001risk 0.00cvss —epss 0.01
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.
- CVE-2001-1037Jan 8, 2001risk 0.00cvss —epss 0.00
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
- CVE-2001-0161Jan 1, 2001risk 0.00cvss —epss 0.01
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.
- CVE-2000-1056Dec 11, 2000risk 0.00cvss —epss 0.02
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
- CVE-2000-1055Dec 11, 2000risk 0.00cvss —epss 0.04
Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet.
- CVE-2000-0700Oct 20, 2000risk 0.00cvss —epss 0.02
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop…
- CVE-2000-0486May 30, 2000risk 0.00cvss —epss 0.02
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
- CVE-2000-0345May 3, 2000risk 0.00cvss —epss 0.01
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.
- CVE-2000-0267Apr 20, 2000risk 0.00cvss —epss 0.00
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
- CVE-2000-0268Apr 20, 2000risk 0.00cvss —epss 0.02
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
Page 144 of 145