CVE-2001-1064 – Cisco CBOS 2.x - Multiple TCP Connection Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2001-1064
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. • https://www.exploit-db.com/exploits/21092 http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml http://www.securityfocus.com/bid/3236 https://exchange.xforce.ibmcloud.com/vulnerabilities/7025 https://exchange.xforce.ibmcloud.com/vulnerabilities/7026 •
CVE-2001-1065
https://notcve.org/view.php?id=CVE-2001-1065
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. • http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/7027 •
CVE-2001-0444
https://notcve.org/view.php?id=CVE-2001-0444
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. • http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html http://www.osvdb.org/1796 http://www.securityfocus.com/bid/2635 https://exchange.xforce.ibmcloud.com/vulnerabilities/6453 •