CVSS: 10.0EPSS: 3%CPEs: 16EXPL: 0CVE-2002-1358
https://notcve.org/view.php?id=CVE-2002-1358
17 Dec 2002 — Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 4%CPEs: 16EXPL: 0CVE-2002-1360
https://notcve.org/view.php?id=CVE-2002-1360
17 Dec 2002 — Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 95%CPEs: 16EXPL: 2CVE-2002-1359 – PuTTy.exe 0.53 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1359
17 Dec 2002 — Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. • https://www.exploit-db.com/exploits/16463 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 102EXPL: 0CVE-2002-1024
https://notcve.org/view.php?id=CVE-2002-1024
04 Oct 2002 — Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). • http://www.cisco.com/warp/public/707/SSH-scanning.shtml • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2002-0339
https://notcve.org/view.php?id=CVE-2002-0339
25 Jun 2002 — Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. • http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml •
CVSS: 9.1EPSS: 1%CPEs: 9EXPL: 0CVE-2001-0929
https://notcve.org/view.php?id=CVE-2001-0929
28 Nov 2001 — Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. • http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0750
https://notcve.org/view.php?id=CVE-2001-0750
18 Oct 2001 — Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. • http://www.cisco.com/warp/public/707/ios-tcp-scanner-reload-pub.shtml •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 0CVE-2001-1071
https://notcve.org/view.php?id=CVE-2001-1071
09 Oct 2001 — Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. • http://www.kb.cert.org/vuls/id/139491 •
CVSS: 7.5EPSS: 3%CPEs: 10EXPL: 1CVE-2001-1097 – Cisco IOS 12 - UDP Denial of Service
https://notcve.org/view.php?id=CVE-2001-1097
24 Jul 2001 — Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. • https://www.exploit-db.com/exploits/21028 •
CVSS: 9.8EPSS: 93%CPEs: 91EXPL: 8CVE-2001-0537 – Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access
https://notcve.org/view.php?id=CVE-2001-0537
21 Jul 2001 — HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. • https://packetstorm.news/files/id/181081 • CWE-287: Improper Authentication •