CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2006-3291
https://notcve.org/view.php?id=CVE-2006-3291
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system. El interfaz web de Cisco IOS 12.3(8)JA y 12.3(8)JA1, tal como es utilizado en Cisco Wireless Access Point y Wireless Bridge, se reconfigura cuando se activa la opción de configuración "Local User List Only (Individual Passwords)", lo que elmina toda las configuraciones de seguridad y contraseñas y permite a atacantes remotos acceder al sistema. • http://secunia.com/advisories/20860 http://securitytracker.com/id?1016399 http://www.cisco.com/warp/public/707/cisco-sa-20060628-ap.shtml http://www.kb.cert.org/vuls/id/544484 http://www.osvdb.org/26878 http://www.securityfocus.com/bid/18704 http://www.vupen.com/english/advisories/2006/2584 https://exchange.xforce.ibmcloud.com/vulnerabilities/27437 • CWE-16: Configuration •
CVSS: 4.6EPSS: 0%CPEs: 130EXPL: 0CVE-2006-0485
https://notcve.org/view.php?id=CVE-2006-0485
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. • http://secunia.com/advisories/18613 http://securitytracker.com/id?1015543 http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml http://www.osvdb.org/34892 http://www.securityfocus.com/bid/16383 http://www.vupen.com/english/advisories/2006/0337 https://exchange.xforce.ibmcloud.com/vulnerabilities/24308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5836 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2006-0486
https://notcve.org/view.php?id=CVE-2006-0486
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. • http://secunia.com/advisories/18613 http://securitytracker.com/id?1015543 http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml http://www.osvdb.org/22723 https://exchange.xforce.ibmcloud.com/vulnerabilities/24308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4905 •
CVSS: 7.1EPSS: 3%CPEs: 108EXPL: 0CVE-2006-0340
https://notcve.org/view.php?id=CVE-2006-0340
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. • http://secunia.com/advisories/18490 http://securityreason.com/securityalert/358 http://securitytracker.com/id?1015501 http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml http://www.osvdb.org/22624 http://www.securityfocus.com/bid/16303 http://www.vupen.com/english/advisories/2006/0248 https://exchange.xforce.ibmcloud.com/vulnerabilities/24182 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2005-4826
https://notcve.org/view.php?id=CVE-2005-4826
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. • http://osvdb.org/33013 http://secunia.com/advisories/23892 http://securitytracker.com/id?1017568 http://www.blackhat.com/html/bh-europe-05/bh-eu-05-speakers.html#Berrueta http://www.cisco.com/en/US/products/products_security_response09186a00807d1a81.html http://www.s21sec.com/en/avisos/s21sec-034-en.txt http://www.securityfocus.com/archive/1/458240/100/0/threaded http://www.securityfocus.com/archive/1/458554/100/0/threaded http://www.securityfocus.com/bid/22268 http:/& •