Search
Total
593 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-0197 | 1 Cisco | 1 Ios | 2017-10-11 | 6.1 MEDIUM | N/A |
| Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | |||||
| CVE-2005-0196 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. | |||||
| CVE-2002-1360 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2017-10-11 | 10.0 HIGH | N/A |
| Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | |||||
| CVE-2005-0195 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. | |||||
| CVE-2005-0186 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port. | |||||
| CVE-2004-1111 | 1 Cisco | 10 7200 Router, 7300 Router, 7500 Router and 7 more | 2017-10-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. | |||||
| CVE-2004-0710 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | |||||
| CVE-2004-0589 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. | |||||
| CVE-2003-0305 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967. | |||||
| CVE-2004-0244 | 1 Cisco | 1 Ios | 2017-10-11 | 4.7 MEDIUM | N/A |
| Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | |||||
| CVE-2003-0512 | 1 Cisco | 1 Ios | 2017-10-11 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. | |||||
| CVE-2004-0054 | 1 Cisco | 1 Ios | 2017-10-11 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | |||||
| CVE-2002-1357 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2017-10-11 | 10.0 HIGH | N/A |
| Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | |||||
| CVE-2001-1183 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | |||||
| CVE-2000-0486 | 1 Cisco | 2 Ios, Tacacs\+ | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field. | |||||
| CVE-2001-0537 | 1 Cisco | 1 Ios | 2017-10-10 | 9.3 HIGH | N/A |
| HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. | |||||
| CVE-2001-0650 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | |||||
| CVE-1999-1175 | 1 Cisco | 1 Ios | 2017-10-10 | 7.5 HIGH | N/A |
| Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | |||||
| CVE-2001-0750 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. | |||||
| CVE-2001-0929 | 1 Cisco | 1 Ios | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | |||||
| CVE-2001-1071 | 1 Cisco | 2 Catos, Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | |||||
| CVE-2011-4667 | 1 Cisco | 2 Ios, Nx-os | 2017-10-06 | 4.3 MEDIUM | 5.9 MEDIUM |
| The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI, and 12.2(33)SXJ when IP Security (aka IPSec) is used, allows remote attackers to obtain unencrypted packets from encrypted sessions. | |||||
| CVE-2010-3049 | 1 Cisco | 1 Ios | 2017-10-03 | 4.9 MEDIUM | 5.5 MEDIUM |
| Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot). | |||||
| CVE-2010-3050 | 1 Cisco | 1 Ios | 2017-10-03 | 6.8 MEDIUM | 6.5 MEDIUM |
| Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot). | |||||
| CVE-2009-2049 | 1 Cisco | 2 Ios, Ios Xe | 2017-09-29 | 5.4 MEDIUM | N/A |
| Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. | |||||
| CVE-2009-1168 | 1 Cisco | 2 Ios, Ios Xe | 2017-09-29 | 7.1 HIGH | N/A |
| Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | |||||
| CVE-2009-0631 | 1 Cisco | 1 Ios | 2017-09-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. | |||||
| CVE-2009-0626 | 1 Cisco | 1 Ios | 2017-09-29 | 7.8 HIGH | N/A |
| The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | |||||
| CVE-2008-3804 | 1 Cisco | 1 Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | |||||
| CVE-2008-3810 | 1 Cisco | 1 Ios | 2017-09-29 | 7.8 HIGH | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | |||||
| CVE-2008-3811 | 1 Cisco | 1 Ios | 2017-09-29 | 7.8 HIGH | N/A |
| Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | |||||
| CVE-2008-1150 | 1 Cisco | 1 Ios | 2017-09-29 | 7.1 HIGH | N/A |
| The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309. | |||||
| CVE-2008-1152 | 1 Cisco | 2 Cisco Ios, Ios | 2017-09-29 | 7.8 HIGH | N/A |
| The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. | |||||
| CVE-2008-1151 | 1 Cisco | 1 Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566. | |||||
| CVE-2008-1153 | 1 Cisco | 2 Cisco Ios, Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. | |||||
| CVE-2008-1156 | 1 Cisco | 2 Cisco Ios, Ios | 2017-09-29 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. | |||||
| CVE-2007-4292 | 1 Cisco | 1 Ios | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249. | |||||
| CVE-2007-4294 | 1 Cisco | 2 Ios, Unified Communications Manager | 2017-09-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. | |||||
| CVE-2007-4295 | 1 Cisco | 1 Ios | 2017-09-29 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. | |||||
| CVE-2007-5651 | 1 Cisco | 2 Catos, Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. | |||||
| CVE-2007-4263 | 1 Cisco | 1 Ios | 2017-09-29 | 8.5 HIGH | N/A |
| Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. | |||||
| CVE-2007-4285 | 1 Cisco | 1 Ios | 2017-09-29 | 9.0 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. | |||||
| CVE-2007-4291 | 1 Cisco | 1 Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. | |||||
| CVE-2007-4293 | 1 Cisco | 1 Ios | 2017-09-29 | 7.1 HIGH | N/A |
| Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. | |||||
| CVE-2015-0681 | 1 Cisco | 2 Ios, Ios Xe | 2017-09-21 | 7.1 HIGH | N/A |
| The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15.0(2)ED1, 15.0(2)EY3, 15.1(3)SVF4a, and 15.2(2)JB1 and IOS XE 2.5.x, 2.6.x, 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, and 3.5.xS before 3.6.0S; 3.1.xSG, 3.2.xSG, and 3.3.xSG before 3.4.0SG; 3.2.xSE before 3.3.0SE; 3.2.xXO before 3.3.0XO; 3.2.xSQ; 3.3.xSQ; and 3.4.xSQ allows remote attackers to cause a denial of service (device hang or reload) via multiple requests that trigger improper memory management, aka Bug ID CSCts66733. | |||||
| CVE-2010-0586 | 1 Cisco | 1 Ios | 2017-09-19 | 7.8 HIGH | N/A |
| Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability." | |||||
| CVE-2009-2869 | 1 Cisco | 1 Ios | 2017-09-19 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. | |||||
| CVE-2009-2867 | 1 Cisco | 1 Ios | 2017-09-19 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691. | |||||
| CVE-2015-6385 | 1 Cisco | 1 Ios | 2017-09-14 | 7.2 HIGH | N/A |
| The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router 1000V devices allows local users to execute arbitrary commands with root privileges by leveraging administrative access to enter crafted environment variables, aka Bug ID CSCux14943. | |||||
| CVE-2015-0586 | 1 Cisco | 2 2900 Integrated Service Router, Ios | 2017-09-08 | 7.8 HIGH | N/A |
| The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and earlier on Cisco 2900 Integrated Services Router (aka Cisco Internet Router) devices allows remote attackers to cause a denial of service (NBAR process hang) via IPv4 packets, aka Bug ID CSCuo73682. | |||||