CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2007-0199
https://notcve.org/view.php?id=CVE-2007-0199
11 Jan 2007 — The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." La propiedad Data-link Switching (DLSw) en Cisco IOS 11.0 hata 12.4 permite a atacantes remotos provocar una denegación de servicio (recarga de dispositivo) mediante "un valor inválido en un mensaje DLSw... durante el intercambio de habilidades". • http://osvdb.org/32683 •
CVSS: 10.0EPSS: 3%CPEs: 228EXPL: 0CVE-2006-4950
https://notcve.org/view.php?id=CVE-2006-4950
23 Sep 2006 — Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. Cisco IOS 12.2 hasta 12.4 anteriores al 20/09/2006, usados por Cisco IAD2430, IAD2431, y IAD2432 Integrated A... • http://secunia.com/advisories/21974 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2006-0486
https://notcve.org/view.php?id=CVE-2006-0486
01 Feb 2006 — Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. • http://secunia.com/advisories/18613 •
CVSS: 7.8EPSS: 0%CPEs: 130EXPL: 0CVE-2006-0485
https://notcve.org/view.php?id=CVE-2006-0485
01 Feb 2006 — The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. • http://secunia.com/advisories/18613 •
CVSS: 7.5EPSS: 2%CPEs: 108EXPL: 0CVE-2006-0340
https://notcve.org/view.php?id=CVE-2006-0340
21 Jan 2006 — Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. • http://secunia.com/advisories/18490 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 24%CPEs: 225EXPL: 2CVE-2005-3921
https://notcve.org/view.php?id=CVE-2005-3921
30 Nov 2005 — Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as... • http://secunia.com/advisories/17780 •
CVSS: 7.5EPSS: 7%CPEs: 138EXPL: 0CVE-2005-3669
https://notcve.org/view.php?id=CVE-2005-3669
18 Nov 2005 — Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. • http://jvn.jp/niscc/NISCC-273756/index.html •
CVSS: 9.8EPSS: 5%CPEs: 228EXPL: 0CVE-2005-3481
https://notcve.org/view.php?id=CVE-2005-3481
03 Nov 2005 — Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed. • http://secunia.com/advisories/17413 •
CVSS: 9.8EPSS: 92%CPEs: 6EXPL: 1CVE-2005-2841 – Cisco IOS 12.x - Firewall Authentication Proxy Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2841
08 Sep 2005 — Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. • https://www.exploit-db.com/exploits/26233 •
CVSS: 9.8EPSS: 15%CPEs: 148EXPL: 0CVE-2005-2451
https://notcve.org/view.php?id=CVE-2005-2451
03 Aug 2005 — Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. Cisco IOS 12.0 hasta 12.4 y IOS XR anterior a 3.2 con IPv6 habilitado, permite que atacantes remotos en un segmento de red local provoquen una denegación de servicio (recarga del dispositivo) y posiblmemente ejecuten código arbitrario mediante un paquete IPv6 amañado. • http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0663.html •