CVE-2002-2208
https://notcve.org/view.php?id=CVE-2002-2208
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040330.html http://marc.info/?l=full-disclosure&m=113504451523186&w=2 http://secunia.com/advisories/7766 http://securitytracker.com/id?1005840 http://www.cisco.com/en/US/tech/tk365/technologies_security_notice09186a008011c5e1.html http://www.cisco.com/warp/public/707/eigrp_issue.pdf http://www.osvdb.org/18055 http://www.securityfocus.com/archive/1/304034 http://www.securityfocus.com/archive/1/304044 http://w •
CVE-2002-1706
https://notcve.org/view.php?id=CVE-2002-1706
Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. • http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml http://www.securityfocus.com/bid/5041 https://exchange.xforce.ibmcloud.com/vulnerabilities/9368 • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2002-1359 – PuTTy.exe 0.53 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1359
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. • https://www.exploit-db.com/exploits/16463 https://www.exploit-db.com/exploits/1788 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html http://www.securityfocus.com/bid/6407 https://exchange.xforce.ibmcloud.com/vulnerabilities/10870 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848 • CWE-20: Improper Input Validation •
CVE-2002-1360
https://notcve.org/view.php?id=CVE-2002-1360
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5797 • CWE-20: Improper Input Validation •
CVE-2002-1358
https://notcve.org/view.php?id=CVE-2002-1358
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html http://securitytracker.com/id?1005812 http://securitytracker.com/id?1005813 http://www.cert.org/advisories/CA-2002-36.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721 • CWE-20: Improper Input Validation •