Page 51 of 260 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations. • http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5738 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet." • http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5852 •

CVSS: 7.1EPSS: 2%CPEs: 337EXPL: 0

Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. • http://secunia.com/advisories/14854 http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml http://www.securityfocus.com/bid/13043 http://www.securitytracker.com/alerts/2005/Apr/1013655.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19987 https://exchange.xforce.ibmcloud.com/vulnerabilities/19989 https://exchange.xforce.ibmcloud.com/vulnerabilities/19990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5455 • CWE-287: Improper Authentication •

CVSS: 7.1EPSS: 1%CPEs: 93EXPL: 0

Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. • http://secunia.com/advisories/14854 http://www.cisco.com/warp/public/707/cisco-sa-20050406-ssh.shtml http://www.osvdb.org/15303 http://www.securityfocus.com/bid/13042 http://www.securitytracker.com/alerts/2005/Apr/1013655.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19991 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5687 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 1%CPEs: 196EXPL: 0

Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. • http://secunia.com/advisories/14034 http://securitytracker.com/id?1013013 http://www.cisco.com/warp/public/707/cisco-sa-20050126-bgp.shtml http://www.kb.cert.org/vuls/id/689326 http://www.us-cert.gov/cas/techalerts/TA05-026A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5652 •