Page 62 of 379 results (0.005 seconds)

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. • http://secunia.com/advisories/18613 http://securitytracker.com/id?1015543 http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml http://www.osvdb.org/22723 https://exchange.xforce.ibmcloud.com/vulnerabilities/24308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4905 •

CVSS: 7.1EPSS: 3%CPEs: 108EXPL: 0

Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. • http://secunia.com/advisories/18490 http://securityreason.com/securityalert/358 http://securitytracker.com/id?1015501 http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml http://www.osvdb.org/22624 http://www.securityfocus.com/bid/16303 http://www.vupen.com/english/advisories/2006/0248 https://exchange.xforce.ibmcloud.com/vulnerabilities/24182 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0

Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. • http://osvdb.org/33013 http://secunia.com/advisories/23892 http://securitytracker.com/id?1017568 http://www.blackhat.com/html/bh-europe-05/bh-eu-05-speakers.html#Berrueta http://www.cisco.com/en/US/products/products_security_response09186a00807d1a81.html http://www.s21sec.com/en/avisos/s21sec-034-en.txt http://www.securityfocus.com/archive/1/458240/100/0/threaded http://www.securityfocus.com/archive/1/458554/100/0/threaded http://www.securityfocus.com/bid/22268 http:/& •

CVSS: 7.8EPSS: 0%CPEs: 167EXPL: 1

Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. Conmutadores Cisco Catalyst no especificados permiten a atacantes remotos causar una denegación de servicio (caída de dispositivo) mediante un paquete IP con IPs y puertos de origen y destino iguales y con la bandera SYN. (tcc LanD). NOTA: La proveniencia de esta cuestión es desconocida; los detalles son obtenidos exclusivamente de BID. • http://www.securityfocus.com/bid/15864 https://exchange.xforce.ibmcloud.com/vulnerabilities/44543 •

CVSS: 2.6EPSS: 5%CPEs: 225EXPL: 2

Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. • http://secunia.com/advisories/17780 http://secunia.com/advisories/18528 http://securityreason.com/securityalert/227 http://securitytracker.com/id?1015275 http://www.cisco.com/warp/public/707/cisco-sa-20051201-http.shtml http://www.idefense.com/intelligence/vulnerabilities/display.php?id=372 http://www.infohacking.com/INFOHACKING_RESEARCH/Our_Advisories/cisco/index.html http://www.securityfocus.com/archive/1/417916/100/0/threaded http://www.securityfocus.com/bid/15602 http://www.securit •