CVSS: 7.5EPSS: 91%CPEs: 6EXPL: 1CVE-2005-2841 – Cisco IOS 12.x - Firewall Authentication Proxy Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2841
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. • https://www.exploit-db.com/exploits/26233 http://www.cisco.com/warp/public/707/cisco-sa-20050907-auth_proxy.shtml http://www.kb.cert.org/vuls/id/236045 http://www.vupen.com/english/advisories/2005/1669 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5317 •
CVSS: 2.1EPSS: 12%CPEs: 148EXPL: 0CVE-2005-2451
https://notcve.org/view.php?id=CVE-2005-2451
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. Cisco IOS 12.0 hasta 12.4 y IOS XR anterior a 3.2 con IPv6 habilitado, permite que atacantes remotos en un segmento de red local provoquen una denegación de servicio (recarga del dispositivo) y posiblmemente ejecuten código arbitrario mediante un paquete IPv6 amañado. • http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0663.html http://secunia.com/advisories/16272 http://securitytracker.com/id?1014598 http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml http://www.kb.cert.org/vuls/id/930892 http://www.osvdb.org/18332 http://www.securityfocus.com/bid/14414 http://www.us-cert.gov/cas/techalerts/TA05-210A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21591 https://oval.cisecurity.org/repository/search/defin •
CVSS: 7.5EPSS: 0%CPEs: 92EXPL: 0CVE-2005-2105
https://notcve.org/view.php?id=CVE-2005-2105
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. • http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml http://www.securitytracker.com/alerts/2005/Jun/1014330.html https://exchange.xforce.ibmcloud.com/vulnerabilities/21190 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5756 •
CVSS: 7.1EPSS: 2%CPEs: 337EXPL: 0CVE-2005-1020
https://notcve.org/view.php?id=CVE-2005-1020
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. • http://secunia.com/advisories/14854 http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml http://www.securityfocus.com/bid/13043 http://www.securitytracker.com/alerts/2005/Apr/1013655.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19987 https://exchange.xforce.ibmcloud.com/vulnerabilities/19989 https://exchange.xforce.ibmcloud.com/vulnerabilities/19990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5455 • CWE-287: Improper Authentication •
CVSS: 7.1EPSS: 1%CPEs: 93EXPL: 0CVE-2005-1021
https://notcve.org/view.php?id=CVE-2005-1021
Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. • http://secunia.com/advisories/14854 http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml http://www.osvdb.org/15303 http://www.securityfocus.com/bid/13042 http://www.securitytracker.com/alerts/2005/Apr/1013655.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19991 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5687 • CWE-399: Resource Management Errors •