CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Cisco : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
851 CVE-2001-0863 DoS 2001-12-06 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
852 CVE-2001-0861 DoS 2001-12-06 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
853 CVE-2001-0783 2001-10-18 2017-12-19
5.0
None Remote Low Not required Partial None None
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.
854 CVE-2001-0754 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
855 CVE-2001-0752 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
856 CVE-2001-0750 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
857 CVE-2001-0711 DoS 2001-08-31 2017-12-19
5.0
None Remote Low Not required None None Partial
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.
858 CVE-2001-0650 2001-09-20 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
859 CVE-2001-0566 20 DoS 2001-08-14 2017-12-19
5.0
None Remote Low Not required None None Partial
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.
860 CVE-2001-0429 DoS 2001-07-02 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
861 CVE-2001-0428 DoS 2001-07-02 2018-10-30
5.0
None Remote Low Not required None None Partial
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
862 CVE-2001-0375 DoS 2001-06-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
863 CVE-2001-0161 2001-01-01 2008-09-05
5.0
None Remote Low Not required Partial None None
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks.
864 CVE-2001-0080 DoS 2001-02-12 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error.
865 CVE-2001-0058 DoS 2001-02-16 2017-10-10
5.0
None Remote Low Not required None None Partial
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character.
866 CVE-2001-0057 DoS 2001-02-16 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
867 CVE-2001-0055 DoS 2001-02-16 2017-10-10
5.0
None Remote Low Not required None None Partial
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
868 CVE-2000-1027 2000-12-11 2018-10-30
5.0
None Remote Low Not required Partial None None
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.
869 CVE-2000-0984 DoS 2000-12-19 2018-05-03
5.0
None Remote Low Not required None None Partial
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
870 CVE-2000-0700 Bypass 2000-10-20 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
871 CVE-2000-0613 2000-03-20 2017-10-10
5.0
None Remote Low Not required None None Partial
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
872 CVE-2000-0268 DoS 2000-04-20 2008-09-10
5.0
None Remote Low Not required None None Partial
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
873 CVE-1999-1000 1999-12-16 2008-09-09
5.0
None Remote Low Not required Partial None None
The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.
874 CVE-1999-0998 1999-12-16 2008-09-09
5.0
None Remote Low Not required None Partial None
Cisco Cache Engine allows an attacker to replace content in the cache.
875 CVE-1999-0843 DoS 1999-11-04 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port.
876 CVE-1999-0453 200 +Info 1999-01-01 2008-09-05
5.0
None Remote Low Not required Partial None None
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP).
877 CVE-1999-0445 1999-04-01 2008-09-09
5.0
None Remote Low Not required Partial None None
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
878 CVE-1999-0430 DoS 1999-03-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Cisco Catalyst LAN switches running Catalyst 5000 supervisor software allows remote attackers to perform a denial of service by forcing the supervisor module to reload.
879 CVE-1999-0416 1999-03-11 2008-09-09
5.0
None Remote Low Not required None None Partial
Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.
880 CVE-1999-0230 Overflow 1997-12-15 2008-09-09
5.0
None Remote Low Not required None None Partial
Buffer overflow in Cisco 7xx routers through the telnet service.
881 CVE-1999-0222 DoS 1999-03-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL.
882 CVE-1999-0162 Bypass 1998-09-01 2008-09-09
5.0
None Remote Low Not required Partial None None
The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering.
883 CVE-1999-0159 1998-08-12 2008-09-09
5.0
None Remote Low Not required None None Partial
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.
884 CVE-1999-0158 1998-08-31 2018-10-30
5.0
None Remote Low Not required Partial None None
Cisco PIX firewall manager (PFM) on Windows NT allows attackers to connect to port 8080 on the PFM server and retrieve any file whose name and location is known.
885 CVE-1999-0063 1999-01-11 2008-09-09
5.0
None Remote Low Not required None None Partial
Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.
Total number of vulnerabilities : 885   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.