17 matches found
CVE-2002-1024
Technical details for CVE-2002-1024 are not publicly available in the provided connected documents. Monitor for updates in the Vulners feed for affected products, versions, impact, and fixes.
CVE-2004-1775
CVE-2004-1775 affects Cisco VACM (View-based Access Control MIB) used by CatOS and IOS. Affected: CatOS 5.5/6.1 and IOS 12.0/12.1. Issue: VACM permits remote read/write of device configuration via the read-write SNMP community string, enabling unauthorized read/modify actions. Evidence in connect...
CVE-2008-4963
The CVE-2008-4963 entry concerns Cisco’s VLAN Trunking Protocol (VTP) in Cisco IOS/CatOS. The vulnerability arises when VTP is not in transparent mode, allowing a remote attacker to send a crafted VTP packet to a switch interface configured as a trunk port, which can cause a device reload or hang...
CVE-2006-4775
CVE-2006-4775 : Cisco IOS and Catalyst OS VTP DoS due to an integer wrap when processing a crafted VTP summary packet (revision 0x7FFFFFFF). An authenticated, remote attacker on the network could cause the device to stop processing configuration changes, potentially disrupting VLAN propagation. I...
CVE-2005-4258
CVE-2005-4258 affects Cisco Catalyst Switches. A remote attacker can cause a device crash (DoS) by sending an IP packet where source and destination IPs/ports are identical and the SYN bit is set (LanD). The issue’s provenance is unknown and details originate from BIN/NVD entries. The NVD metrics...
CVE-2001-0041
Cisco Catalyst Telnetd memory leak (CVE-2001-0041) affects Cat 4000/5000/6000 series switches. A series of failed Telnet authentication attempts can trigger a memory leak in the Telnet daemon, causing the device to fail to pass traffic or accept management connections until reboot or power cycle....
CVE-2004-0551
Cisco CatOS TCP-ACK handling vulnerability (CVE-2004-0551) affects CatOS on Cisco Catalyst switches: 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX. A remote attacker can cause a denial of service (system crash/reload) by sending invalid packets instead of the final ACK in the TCP thr...
CVE-2002-1222
The CVE-2002-1222 entry describes a vulnerability in Cisco Catalyst switches running CatOS 5.4–7.3 where the embedded HTTP server is vulnerable to a buffer overflow. An unauthenticated remote attacker can trigger a denial of service (reset/reboot) by sending a long HTTP request, as indicated by t...
CVE-2007-5134
Cisco Catalyst 6500 and Cisco 7600 Series devices are affected by CVE-2007-5134 due to handling of 127.0.0.0/8 EOBC (loopback) addresses, which could allow an unauthenticated, remote attacker to bypass ACLs and send packets to management interfaces such as the Supervisor or MSFC. The vulnerabilit...
CVE-2003-1001
CVE-2003-1001 describes a buffer overflow in the Cisco Firewall Services Module (FWSM) used on Cisco Catalyst 6500 and 7600 series devices. The flaw allows remote attackers to trigger a denial of service (crash and reload) through HTTP authentication requests for TACACS+ or RADIUS. Multiple sourc...
CVE-2001-1071
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) is affected. A remote attacker can cause memory exhaustion and a denial of service by flooding CDP neighbor announcements. Impact is memory consumption on affected devices; no public exploit details are provided in the sources. Rem...
CVE-2003-1002
CVE-2003-1002 affects Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices. A remote attacker can trigger a denial of service by sending an SNMPv3 message when snmp-server is configured, causing a crash and reload. Exploitation details are not provided in the conne...
CVE-2007-5651
The CVE-2007-5651 entry affects Cisco EAP implementations: Cisco IOS 12.3/12.4 on Access Points and 1310 Wireless Bridges, IOS 12.1/12.2 on switches, and CatOS 6.x–8.x on Cisco switches. The vulnerability allows remote attackers to cause a denial of service (device reload) by sending a crafted EA...
CVE-2001-0429
CVE-2001-0429 affects Cisco Catalyst 5000 series switches (versions 6.1(2) and earlier). The issue occurs when an 802.1x frame is received on a STP blocked port and is forwarded within that VLAN, causing a network storm and a denial of service. The connected Nessus/CSCs detail the same STP/802.1x...
CVE-2000-0267
Cisco Catalyst 5.4.x is affected by CVE-2000-0267, where a user can gain access to the privileged enable mode without a password. The issue is a local bypass of authentication to the enable shell, enabling partial to full privilege exposure as described (no explicit exploitation details in the do...
CVE-2002-2316
Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 may fail to learn MAC addresses from a single initial packet, causing unicast traffic to be broadcast and allowing remote attackers to sniff sensitive network information. The connected Red Hat and CVE registries confirm th...
CVE-2003-0216
CVE-2003-0216 affects Cisco Catalyst 7.5(1) and describes a local-auth bypass that lets an attacker gain enable-mode access without a password. Root cause and exploit details are not provided in the initial documents, but multiple sources (NVD, CVE list, Nessus plugin) confirm a password bypass v...