CVE-2002-2053
https://notcve.org/view.php?id=CVE-2002-2053
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html http://archives.neohapsis.com/archives/bugtraq/2002-06/0050.html http://www.iss.net/security_center/static/9283.php http://www.securityfocus.com/bid/4949 •
CVE-2002-2208
https://notcve.org/view.php?id=CVE-2002-2208
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html http://marc.info/?l=full-disclosure&m=113504451523186&w=2 http://secunia.com/advisories/7766 http://securitytracker.com/id?1005840 http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html http://www.cisco.com/warp/public/707/eigrp_issue.pdf http://www.osvdb.org/18055 http://www.securityfocus.com/archive/1/304034 http://www.securityfocus.com/archive/1/304044 http://w •
CVE-2002-1358
https://notcve.org/view.php?id=CVE-2002-1358
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721 • CWE-20: Improper Input Validation •
CVE-2002-1360
https://notcve.org/view.php?id=CVE-2002-1360
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797 • CWE-20: Improper Input Validation •
CVE-2002-1357
https://notcve.org/view.php?id=CVE-2002-1357
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html http://www.kb.cert.org/vuls/id/389665 http://www.securityfocus.com/bid/6405 https://exchange.xforce.ibmcloud.com/vulnerabilities/10868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •