CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2002-1706
https://notcve.org/view.php?id=CVE-2002-1706
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. • http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml http://www.securityfocus.com/bid/5041 https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 0CVE-2002-1768
https://notcve.org/view.php?id=CVE-2002-1768
Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. • http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html http://archives.neohapsis.com/archives/bugtraq/2002-06/0050.html http://www.securityfocus.com/bid/4948 https://exchange.xforce.ibmcloud.com/vulnerabilities/9282 •
CVSS: 7.8EPSS: 9%CPEs: 5EXPL: 1CVE-2002-2208
https://notcve.org/view.php?id=CVE-2002-2208
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html http://marc.info/?l=full-disclosure&m=113504451523186&w=2 http://secunia.com/advisories/7766 http://securitytracker.com/id?1005840 http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html http://www.cisco.com/warp/public/707/eigrp_issue.pdf http://www.osvdb.org/18055 http://www.securityfocus.com/archive/1/304034 http://www.securityfocus.com/archive/1/304044 http://w •
CVSS: 10.0EPSS: 4%CPEs: 16EXPL: 0CVE-2002-1358
https://notcve.org/view.php?id=CVE-2002-1358
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 4%CPEs: 16EXPL: 0CVE-2002-1360
https://notcve.org/view.php?id=CVE-2002-1360
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797 • CWE-20: Improper Input Validation •