VYPR

Vendor CVEs

Cisco Systems, Inc.

All CVEs

7,231 total · sorted by risk
  • CVE-2000-0150Feb 12, 2000
    risk 0.00cvss epss 0.02

    Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.

  • CVE-1999-1126Dec 31, 1999
    risk 0.00cvss epss 0.00

    Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3)…

  • CVE-1999-1175Dec 31, 1999
    risk 0.00cvss epss 0.02

    Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.

  • CVE-1999-1465Dec 31, 1999
    risk 0.00cvss epss 0.02

    Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as…

  • CVE-1999-1464Dec 31, 1999
    risk 0.00cvss epss 0.02

    Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by…

  • CVE-1999-1042Dec 31, 1999
    risk 0.00cvss epss 0.00

    Cisco Resource Manager (CRM) 1.0 and 1.1 creates world-readable log files and temporary files, which may expose sensitive information, to local users such as user IDs, passwords and SNMP community strings.

  • CVE-1999-1100Dec 31, 1999
    risk 0.00cvss epss 0.01

    Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force…

  • CVE-1999-1001Dec 16, 1999
    risk 0.00cvss epss 0.01

    Cisco Cache Engine allows a remote attacker to gain access via a null username and password.

  • CVE-1999-0998Dec 16, 1999
    risk 0.00cvss epss 0.01

    Cisco Cache Engine allows an attacker to replace content in the cache.

  • CVE-1999-1000Dec 16, 1999
    risk 0.00cvss epss 0.02

    The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.

  • CVE-1999-0843Nov 4, 1999
    risk 0.00cvss epss 0.01

    Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.

  • CVE-1999-1129Sep 1, 1999
    risk 0.00cvss epss 0.02

    Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.

  • CVE-1999-0734Aug 19, 1999
    risk 0.00cvss epss 0.01

    A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.

  • CVE-1999-0889Jul 1, 1999
    risk 0.00cvss epss 0.01

    Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set.

  • CVE-1999-0775Jun 10, 1999
    risk 0.00cvss epss 0.03

    Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.

  • CVE-1999-0445Apr 1, 1999
    risk 0.00cvss epss 0.01

    In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.

  • CVE-1999-0415Mar 11, 1999
    risk 0.00cvss epss 0.01

    The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration.

  • CVE-1999-0430Mar 1, 1999
    risk 0.00cvss epss 0.02

    Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.

  • CVE-1999-0222Mar 1, 1999
    risk 0.00cvss epss 0.01

    Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.

  • CVE-1999-0453Jan 1, 1999
    risk 0.00cvss epss 0.01

    An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).

  • CVE-1999-0162Sep 1, 1998
    risk 0.00cvss epss 0.02

    The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.

  • CVE-1999-0158Aug 31, 1998
    risk 0.00cvss epss 0.01

    Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.

  • CVE-1999-0157Aug 18, 1998
    risk 0.00cvss epss 0.01

    Cisco PIX firewall and CBAC IP fragmentation attack results in a denial of service.

  • CVE-1999-1582Jul 15, 1998
    risk 0.00cvss epss 0.02

    By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if…

  • CVE-1999-0293Jan 1, 1998
    risk 0.00cvss epss 0.03

    AAA authentication on Cisco systems allows attackers to execute commands without authorization.

  • CVE-1999-0230Dec 15, 1997
    risk 0.00cvss epss 0.01

    Buffer overflow in Cisco 7xx routers through the telnet service.

  • CVE-1999-0160Oct 1, 1997
    risk 0.00cvss epss 0.01

    Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections.

  • CVE-1999-0161Jul 31, 1995
    risk 0.00cvss epss 0.02

    In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering.

  • CVE-1999-1216Apr 22, 1993
    risk 0.00cvss epss 0.02

    Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.

  • CVE-1999-1306Dec 10, 1992
    risk 0.00cvss epss 0.01

    Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.

  • CVE-1999-1466Dec 10, 1992
    risk 0.00cvss epss 0.02

    Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.

Page 145 of 145