Page 48 of 249 results (0.011 seconds)

CVSS: 9.3EPSS: 5%CPEs: 228EXPL: 0

Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed. • http://secunia.com/advisories/17413 http://securitytracker.com/id?1015139 http://www.cisco.com/warp/public/707/cisco-sa-20051102-timers.shtml http://www.kb.cert.org/vuls/id/562945 http://www.securityfocus.com/bid/15275 http://www.vupen.com/english/advisories/2005/2282 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4914 •

CVSS: 7.5EPSS: 91%CPEs: 6EXPL: 1

Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. • https://www.exploit-db.com/exploits/26233 http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml http://www.kb.cert.org/vuls/id/236045 http://www.vupen.com/english/advisories/2005/1669 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5317 •

CVSS: 2.1EPSS: 12%CPEs: 148EXPL: 0

Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. Cisco IOS 12.0 hasta 12.4 y IOS XR anterior a 3.2 con IPv6 habilitado, permite que atacantes remotos en un segmento de red local provoquen una denegación de servicio (recarga del dispositivo) y posiblmemente ejecuten código arbitrario mediante un paquete IPv6 amañado. • http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0663.html http://secunia.com/advisories/16272 http://securitytracker.com/id?1014598 http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml http://www.kb.cert.org/vuls/id/930892 http://www.osvdb.org/18332 http://www.securityfocus.com/bid/14414 http://www.us-cert.gov/cas/techalerts/TA05-210A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21591 https://oval.cisecurity.org/repository/search/defin •

CVSS: 7.5EPSS: 0%CPEs: 92EXPL: 0

Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. • http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml http://www.securitytracker.com/alerts/2005/Jun/1014330.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5756 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations. • http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5738 •