CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2003-0647 – Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow
https://notcve.org/view.php?id=CVE-2003-0647
05 Aug 2003 — Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. Desbordamiento de búfer en el servidor HTTP de Cisco IOS 12.2 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP GET extremadamente larga (2GB). • https://www.exploit-db.com/exploits/77 •
CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2003-0512
https://notcve.org/view.php?id=CVE-2003-0512
29 Jul 2003 — Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. Cisco IOS 12.2 y anteriores genera un mensaje "% Login Invalid" en vez de solicitar una contraseña cuando se suministra un nombre de usuario inválido, lo que permite a atacantes remotos identificar nombres de usuario válid... • http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0056.html • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 80%CPEs: 176EXPL: 4CVE-2003-0567 – Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service
https://notcve.org/view.php?id=CVE-2003-0567
25 Jul 2003 — Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full. Cisco IOS 11.x y 12.0 a 12.2 permite a atacantes remotos causar una denegación de servicio (bloqueo de tráfico) enviando una cierta secuencia de paquetes IPv4 a una interfaz del dispositivo, causando que la cola de entrada de ese interfaz sea marcada como llena. • https://www.exploit-db.com/exploits/60 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 48EXPL: 0CVE-2003-0305
https://notcve.org/view.php?id=CVE-2003-0305
17 May 2003 — The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967. El Service Assurance Agent (SAA) en Cisco IOS 12.0 hasta 12.2, también llamado Reponse Time Reporter (RTR), permite que atacantes remotos provoquen una denegación de servicio (caída) mediante paquetes RTR mal construidos para el puerto 1967. • http://www.cisco.com/warp/public/707/cisco-sa-20030515-saa.shtml •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-2052
https://notcve.org/view.php?id=CVE-2002-2052
31 Dec 2002 — Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2002-1768
https://notcve.org/view.php?id=CVE-2002-1768
31 Dec 2002 — Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html •
CVSS: 7.8EPSS: 16%CPEs: 5EXPL: 1CVE-2002-2208
https://notcve.org/view.php?id=CVE-2002-2208
31 Dec 2002 — Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2002-1706
https://notcve.org/view.php?id=CVE-2002-1706
31 Dec 2002 — Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. • http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-2053
https://notcve.org/view.php?id=CVE-2002-2053
31 Dec 2002 — The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html •
CVSS: 10.0EPSS: 16%CPEs: 16EXPL: 0CVE-2002-1357
https://notcve.org/view.php?id=CVE-2002-1357
17 Dec 2002 — Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •