Page 22 of 112 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. Desbordamiento de búfer en el servidor HTTP de Cisco IOS 12.2 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP GET extremadamente larga (2GB). • https://www.exploit-db.com/exploits/77 http://www.cisco.com/warp/public/707/cisco-sn-20030730-ios-2gb-get.shtml http://www.kb.cert.org/vuls/id/579324 •

CVSS: 5.0EPSS: 1%CPEs: 4EXPL: 0

Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. • http://ciac.llnl.gov/ciac/bulletins/l-082.shtml http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml http://www.kb.cert.org/vuls/id/106392 http://www.osvdb.org/1830 http://www.securityfocus.com/bid/2733 https://exchange.xforce.ibmcloud.com/vulnerabilities/6566 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. Classic Cisco IOD 9.1 y anteriores permite a atacantes con acceso al inductor de login obtener porciones de la historia de comandos de usuarios anteriores, lo que puede permitir al atacante obtener datos sensibles. • http://www.ciac.org/ciac/bulletins/j-009.shtml http://www.cisco.com/warp/public/770/ioshist-pub.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. • http://www.ciac.org/ciac/bulletins/i-054.shtml http://www.cisco.com/warp/public/770/wccpauth-pub.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/1577 •