Lucene search
K
CiscoContent Services Switch 11500

10 matches found

CVE
CVE
added 2005/05/31 4:0 a.m.137 views

CVE-2005-0356

CVE-2005-0356 affects F5 BIG-IP BIG-IP LTM 9.0.0–9.0.5; other listed BIG-IP lines are not affected (e.g., 9.1.x, 9.2.x, 9.3.x, 9.4.x, 9.6.x are Not Affected). The issue is described as inadequate validation for TCP segments with PAWS/timestamps, enabling a remote attacker to cause a denial of ser...

5CVSS6.2AI score0.83284EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.133 views

CVE-2004-0079

The connected documents confirm CVE-2004-0079: in OpenSSL 0.9.6c–0.9.6k and 0.9.7a–0.9.7c, a crafted SSL/TLS handshake can trigger a null dereference in do_change_cipher_spec, causing a denial of service (crash). Remediation is to apply patched/OpenSSL releases per advisories (e.g., CentOS adviso...

7.5CVSS7.1AI score0.09537EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.121 views

CVE-2004-0081

CVE-2004-0081 affects OpenSSL 0.9.6 prior to 0.9.6d. The issue is that OpenSSL does not properly handle unknown TLS/SSL message types, enabling a remote attacker to trigger a denial of service via an infinite loop (demonstrated with the Codenomicon TLS Test Tool). Impact is a network-based DoS; e...

5CVSS7.2AI score0.07229EPSS
CVE
CVE
added 2004/03/18 5:0 a.m.110 views

CVE-2004-0112

The CVE-2004-0112 issue affects OpenSSL 0.9.7a/b/c: during the SSL/TLS handshake, the Kerberos ciphersuite path fails to validate the Kerberos ticket length, enabling a remote attacker to cause a denial-of-service by triggering an out-of-bounds read. Public sources in connected documents confirm ...

5CVSS7.2AI score0.10424EPSS
CVE
CVE
added 2010/07/06 2:0 p.m.53 views

CVE-2010-1575

CVE-2010-1575 affects Cisco CSS 11500 (software 08.20.1.01) and Cisco ACE; root cause is weak enforcement of HTTP ClientCert-* headers during SSL termination, leaving room for an attacker to spoof client certificates and impersonate other users. Impact, as described, is potential authentication b...

7.5CVSS7AI score0.01686EPSS
CVE
CVE
added 2010/07/06 2:0 p.m.51 views

CVE-2010-1576

Mode C Vulnerability: CVE-2010-1576 affects Cisco CSS 11500 (pre-8.20.4.02) and Cisco ACE 4710 (pre-A2(3.0)); the issue is improper handling of HTTP header end-of-line sequences (LF, CR, LFCR vs CRLF), enabling header insertion bypass and HTTP request smuggling via crafted headers (e.g., ClientCe...

7.5CVSS6.8AI score0.01834EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.50 views

CVE-2003-1132

Vulnerability overview (CVE-2003-1132) : Cisco Content Service Switch (CSS) 11000/11500 DNS servers respond with NXDOMAIN (response code 3) when queried for a nonexistent AAAA record, instead of No Error (response code 0). This behavior can enable remote attackers to cause a denial of service by ...

5CVSS7.3AI score0.02132EPSS
CVE
CVE
added 2005/11/02 12:0 a.m.47 views

CVE-2005-3426

Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services is affected by CVE-2005-3426. The vulnerability allows remote attackers to trigger a denial of service via memory corruption during SSL session negotiation when a malformed client certificate is presented. The entry notes...

5CVSS7.2AI score0.01024EPSS
CVE
CVE
added 2006/04/05 6:0 p.m.47 views

CVE-2006-1631

The CVE-2006-1631 entry refers to a vulnerability in Cisco 11500 Series Content Services switches where the HTTP compression feature can be abused to trigger a denial-of-service (device reload) by sending certain HTTP requests (either valid but obsolete or specially crafted). Exploitation details...

5CVSS6.7AI score0.01814EPSS
CVE
CVE
added 2010/07/06 2:0 p.m.47 views

CVE-2010-2629

CVE-2010-2629 and CVE-2010-1576 describe HTTP header handling flaws in Cisco CSS 11500 and ACE 4710, enabling HTTP request smuggling via LF/CRLF header terminators and potential header spoofing of ClientCert-* fields when GET lines are CRLF-terminated and mixed newline sequences occur. The issue ...

7.5CVSS6.9AI score0.01471EPSS