CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2003-0647 – Cisco IOS 12.x/11.x - HTTP Remote Integer Overflow
https://notcve.org/view.php?id=CVE-2003-0647
05 Aug 2003 — Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. Desbordamiento de búfer en el servidor HTTP de Cisco IOS 12.2 y anteriores permite a atacantes remotos ejecutar código arbitrario mediante una petición HTTP GET extremadamente larga (2GB). • https://www.exploit-db.com/exploits/77 •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2001-0650
https://notcve.org/view.php?id=CVE-2001-0650
20 Sep 2001 — Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. • http://ciac.llnl.gov/ciac/bulletins/l-082.shtml •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2001-0288 – Linux Kernel 2.2 - Predictable TCP Initial Sequence Number
https://notcve.org/view.php?id=CVE-2001-0288
03 May 2001 — Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0368
https://notcve.org/view.php?id=CVE-2000-0368
12 Mar 2001 — Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. Classic Cisco IOD 9.1 y anteriores permite a atacantes con acceso al inductor de login obtener porciones de la historia de comandos de usuarios anteriores, lo que puede permitir al atacante obtener datos sensibles. • http://www.ciac.org/ciac/bulletins/j-009.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1465
https://notcve.org/view.php?id=CVE-1999-1465
31 Dec 1999 — Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. • http://ciac.llnl.gov/ciac/bulletins/j-016.shtml •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1175
https://notcve.org/view.php?id=CVE-1999-1175
31 Dec 1999 — Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. • http://www.ciac.org/ciac/bulletins/i-054.shtml •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1306
https://notcve.org/view.php?id=CVE-1999-1306
10 Dec 1992 — Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. • http://www.cert.org/advisories/CA-1992-20.html •