Filtered by vendor Cisco
Subscribe
Search
Total
2438 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1104 | 1 Cisco | 1 Vpn Client | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). | |||||
| CVE-2001-0080 | 1 Cisco | 3 Catalyst 4000, Catalyst 5000, Catalyst 6000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. | |||||
| CVE-1999-1175 | 1 Cisco | 1 Ios | 2017-10-10 | 7.5 HIGH | N/A |
| Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | |||||
| CVE-2001-0058 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. | |||||
| CVE-2001-0057 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | |||||
| CVE-2001-0056 | 1 Cisco | 1 Broadband Operating System | 2017-10-10 | 7.5 HIGH | N/A |
| The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | |||||
| CVE-2001-0055 | 1 Cisco | 2 Broadband Operating System, Cisco 6xx Routers | 2017-10-10 | 5.0 MEDIUM | N/A |
| CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. | |||||
| CVE-2001-0041 | 1 Cisco | 1 Catos | 2017-10-10 | 7.8 HIGH | N/A |
| Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | |||||
| CVE-2001-0020 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2017-10-10 | 2.1 LOW | N/A |
| Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2017-10-10 | 7.5 HIGH | N/A |
| CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | |||||
| CVE-2000-1055 | 1 Cisco | 1 Secure Access Control Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet. | |||||
| CVE-2000-1054 | 1 Cisco | 1 Secure Access Control Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | |||||
| CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | |||||
| CVE-2001-0929 | 1 Cisco | 1 Ios | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | |||||
| CVE-2001-0867 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | |||||
| CVE-2001-0895 | 1 Cisco | 11 Catalyst 2900xl, Catalyst 2948g-l3, Catalyst 2950 and 8 more | 2017-10-10 | 5.0 MEDIUM | N/A |
| Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table. | |||||
| CVE-2000-0945 | 1 Cisco | 1 Catalyst 3500 Xl | 2017-10-10 | 10.0 HIGH | N/A |
| The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | |||||
| CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||||
| CVE-2001-0864 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. | |||||
| CVE-2000-0613 | 1 Cisco | 1 Pix Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. | |||||
| CVE-2001-0863 | 1 Cisco | 1 12000 Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. | |||||
| CVE-2001-0862 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | |||||
| CVE-2000-0486 | 1 Cisco | 2 Ios, Tacacs\+ | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | |||||
| CVE-2001-0861 | 1 Cisco | 1 12000 Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. | |||||
| CVE-2001-0757 | 1 Cisco | 1 6400 Nrp 2 | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | |||||
| CVE-2001-0754 | 1 Cisco | 1 Cbos | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | |||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2001-0752 | 1 Cisco | 1 Cbos | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | |||||
| CVE-2001-0750 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. | |||||
| CVE-2001-0741 | 1 Cisco | 1 Hsrp | 2017-10-10 | 2.1 LOW | N/A |
| Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets. | |||||
| CVE-2001-0650 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
| CVE-2001-0622 | 1 Cisco | 1 Content Services Switch 11000 | 2017-10-10 | 7.5 HIGH | N/A |
| The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | |||||
| CVE-2001-0621 | 1 Cisco | 1 Content Services Switch 11000 | 2017-10-10 | 7.5 HIGH | N/A |
| The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | |||||
| CVE-2001-0537 | 1 Cisco | 1 Ios | 2017-10-10 | 9.3 HIGH | N/A |
| HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. | |||||
| CVE-2001-0455 | 1 Cisco | 1 Aironet 340 | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | |||||
| CVE-2001-0444 | 1 Cisco | 1 Cbos | 2017-10-10 | 2.1 LOW | N/A |
| Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | |||||
| CVE-2001-0429 | 1 Cisco | 1 Catos | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. | |||||
| CVE-1999-1100 | 1 Cisco | 1 Pix Private Link | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | |||||
| CVE-2001-0427 | 1 Cisco | 6 Vpn 3000 Concentrator, Vpn 3005 Concentrator, Vpn 3015 Concentrator and 3 more | 2017-10-10 | 7.1 HIGH | N/A |
| Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | |||||
| CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2017-10-10 | 7.2 HIGH | N/A |
| Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||||
| CVE-2001-0375 | 1 Cisco | 2 Pix Firewall 515, Pix Firewall 520 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. | |||||
| CVE-2009-2049 | 1 Cisco | 2 Ios, Ios Xe | 2017-09-29 | 5.4 MEDIUM | N/A |
| Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. | |||||
| CVE-2009-1168 | 1 Cisco | 2 Ios, Ios Xe | 2017-09-29 | 7.1 HIGH | N/A |
| Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | |||||
| CVE-2009-0633 | 1 Cisco | 1 Cisco Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220. | |||||
| CVE-2009-0634 | 1 Cisco | 1 Cisco Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337. | |||||
| CVE-2009-0631 | 1 Cisco | 1 Ios | 2017-09-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. | |||||
| CVE-2009-0626 | 1 Cisco | 1 Ios | 2017-09-29 | 7.8 HIGH | N/A |
| The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | |||||
| CVE-2009-0628 | 1 Cisco | 1 Cisco Ios | 2017-09-29 | 9.0 HIGH | N/A |
| Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. | |||||
| CVE-2008-5121 | 4 Bluecoat, Cisco, Citrix and 1 more | 5 Winproxy, Vpn Client, Deterministic Network Enhancer and 2 more | 2017-09-29 | 7.2 HIGH | N/A |
| dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. | |||||
| CVE-2008-3804 | 1 Cisco | 1 Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | |||||