| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-1999-0063 |
|
|
|
1999-01-11 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. |
|
2 |
CVE-1999-0158 |
|
|
|
1998-08-31 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known. |
|
3 |
CVE-1999-0159 |
|
|
|
1998-08-12 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. |
|
4 |
CVE-1999-0162 |
|
|
Bypass |
1998-09-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. |
|
5 |
CVE-1999-0222 |
|
|
DoS |
1999-03-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. |
|
6 |
CVE-1999-0230 |
|
|
Overflow |
1997-12-15 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Cisco 7xx routers through the telnet service. |
|
7 |
CVE-1999-0416 |
|
|
|
1999-03-11 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. |
|
8 |
CVE-1999-0430 |
|
|
DoS |
1999-03-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload. |
|
9 |
CVE-1999-0445 |
|
|
|
1999-04-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. |
|
10 |
CVE-1999-0453 |
200 |
|
+Info |
1999-01-01 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). |
|
11 |
CVE-1999-0843 |
|
|
DoS |
1999-11-04 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port. |
|
12 |
CVE-1999-0998 |
|
|
|
1999-12-16 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Cisco Cache Engine allows an attacker to replace content in the cache. |
|
13 |
CVE-1999-1000 |
|
|
|
1999-12-16 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. |
|
14 |
CVE-1999-1001 |
|
|
|
1999-12-16 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cisco Cache Engine allows a remote attacker to gain access via a null username and password. |
|
15 |
CVE-1999-1126 |
|
|
+Info |
1999-12-31 |
2017-12-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". |
|
16 |
CVE-2000-0267 |
|
|
|
2000-04-20 |
2008-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. |
|
17 |
CVE-2000-0268 |
|
|
DoS |
2000-04-20 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. |
|
18 |
CVE-2000-0345 |
|
|
+Info |
2000-05-03 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. |
|
19 |
CVE-2000-0368 |
200 |
|
+Info |
2001-03-12 |
2016-09-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. |
|
20 |
CVE-2000-0613 |
|
|
|
2000-03-20 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. |
|
21 |
CVE-2000-0700 |
|
|
Bypass |
2000-10-20 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. |
|
22 |
CVE-2000-0984 |
|
|
DoS |
2000-12-19 |
2018-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. |
|
23 |
CVE-2000-1027 |
|
|
|
2000-12-11 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established. |
|
24 |
CVE-2001-0019 |
|
|
DoS |
2001-02-12 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. |
|
25 |
CVE-2001-0020 |
|
|
Dir. Trav. |
2001-02-12 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. |
|
26 |
CVE-2001-0055 |
|
|
DoS |
2001-02-16 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. |
|
27 |
CVE-2001-0057 |
|
|
DoS |
2001-02-16 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. |
|
28 |
CVE-2001-0058 |
|
|
DoS |
2001-02-16 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. |
|
29 |
CVE-2001-0080 |
|
|
DoS |
2001-02-12 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. |
|
30 |
CVE-2001-0161 |
|
|
|
2001-01-01 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. |
|
31 |
CVE-2001-0163 |
|
|
|
2001-01-01 |
2008-09-05 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. |
|
32 |
CVE-2001-0375 |
|
|
DoS |
2001-06-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. |
|
33 |
CVE-2001-0428 |
|
|
DoS |
2001-07-02 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. |
|
34 |
CVE-2001-0429 |
|
|
DoS |
2001-07-02 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. |
|
35 |
CVE-2001-0444 |
|
|
+Info |
2001-07-02 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. |
|
36 |
CVE-2001-0566 |
20 |
|
DoS |
2001-08-14 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. |
|
37 |
CVE-2001-0650 |
|
|
|
2001-09-20 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. |
|
38 |
CVE-2001-0711 |
|
|
DoS |
2001-08-31 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. |
|
39 |
CVE-2001-0741 |
|
|
DoS |
2001-10-18 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets. |
|
40 |
CVE-2001-0750 |
|
|
DoS |
2001-10-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. |
|
41 |
CVE-2001-0752 |
|
|
DoS |
2001-10-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. |
|
42 |
CVE-2001-0754 |
|
|
DoS |
2001-10-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. |
|
43 |
CVE-2001-0783 |
|
|
|
2001-10-18 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. |
|
44 |
CVE-2001-0861 |
|
|
DoS |
2001-12-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. |
|
45 |
CVE-2001-0863 |
|
|
DoS |
2001-12-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. |
|
46 |
CVE-2001-0895 |
|
|
DoS |
2001-11-15 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table. |
|
47 |
CVE-2001-1037 |
|
|
Exec Code |
2001-01-08 |
2018-10-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged. |
|
48 |
CVE-2001-1038 |
|
|
DoS |
2001-07-11 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023. |
|
49 |
CVE-2001-1064 |
|
|
DoS |
2001-08-31 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. |
|
50 |
CVE-2001-1065 |
|
|
|
2001-08-31 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. |
