Page 9 of 92 results (0.005 seconds)

CVSS: 7.5EPSS: 1%CPEs: 337EXPL: 0

09 Apr 2005 — Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. • http://secunia.com/advisories/14854 • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 1%CPEs: 93EXPL: 0

09 Apr 2005 — Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. • http://secunia.com/advisories/14854 • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

25 Jun 2002 — Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. • http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml •

CVSS: 9.1EPSS: 0%CPEs: 9EXPL: 0

28 Nov 2001 — Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. • http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

18 Oct 2001 — Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. • http://www.cisco.com/warp/public/707/ios-tcp-scanner-reload-pub.shtml •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

09 Oct 2001 — Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. • http://www.kb.cert.org/vuls/id/139491 •

CVSS: 7.5EPSS: 9%CPEs: 10EXPL: 1

24 Jul 2001 — Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. • https://www.exploit-db.com/exploits/21028 •

CVSS: 9.8EPSS: 93%CPEs: 91EXPL: 8

21 Jul 2001 — HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. • https://packetstorm.news/files/id/181081 • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 1

03 May 2001 — Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 •

CVSS: 7.5EPSS: 0%CPEs: 201EXPL: 0

28 Feb 2001 — Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. • http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml •