CVE-2003-0647 – Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow
https://notcve.org/view.php?id=CVE-2003-0647
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. Desbordamiento de búfer en el servidor HTTP de Cisco IOS 12.2 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP GET extremadamente larga (2GB). • https://www.exploit-db.com/exploits/77 http://www.cisco.com/warp/public/707/cisco-sn-20030730-ios-2gb-get.shtml http://www.kb.cert.org/vuls/id/579324 •
CVE-2001-0650
https://notcve.org/view.php?id=CVE-2001-0650
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. • http://ciac.llnl.gov/ciac/bulletins/l-082.shtml http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml http://www.kb.cert.org/vuls/id/106392 http://www.osvdb.org/1830 http://www.securityfocus.com/bid/2733 https://exchange.xforce.ibmcloud.com/vulnerabilities/6566 •
CVE-2001-0288 – Linux Kernel 2.2 - Predictable TCP Initial Sequence Number
https://notcve.org/view.php?id=CVE-2001-0288
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml •
CVE-2000-0368
https://notcve.org/view.php?id=CVE-2000-0368
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. Classic Cisco IOD 9.1 y anteriores permite a atacantes con acceso al inductor de login obtener porciones de la historia de comandos de usuarios anteriores, lo que puede permitir al atacante obtener datos sensibles. • http://www.ciac.org/ciac/bulletins/j-009.shtml http://www.cisco.com/warp/public/770/ioshist-pub.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-1999-1175
https://notcve.org/view.php?id=CVE-1999-1175
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. • http://www.ciac.org/ciac/bulletins/i-054.shtml http://www.cisco.com/warp/public/770/wccpauth-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1577 •