Content Services Switch 11500@* Security Vulnerabilities and Issues — Content Services Switch 11500@* CVE List

Lucene search

CiscoContent Services Switch 11500*

9 matches found

CVE•added 2005/05/31 4:0 a.m.•114 views

CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they ap...

5CVSS6.2AI score0.86024EPSS

CVE•added 2004/11/23 5:0 a.m.•108 views

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

7.5CVSS7.1AI score0.02058EPSS

CVE•added 2004/11/23 5:0 a.m.•87 views

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5CVSS7.2AI score0.02271EPSS

CVE•added 2004/11/23 5:0 a.m.•87 views

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-b...

5CVSS7.2AI score0.00942EPSS

CVE•added 2005/04/21 4:0 a.m.•38 views

CVE-2003-1132

The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by f...

5CVSS7.3AI score0.00534EPSS

CVE•added 2010/07/06 5:17 p.m.•38 views

CVE-2010-2629

The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggl...

7.5CVSS6.9AI score0.00477EPSS

CVE•added 2010/07/06 5:17 p.m.•37 views

CVE-2010-1576

The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to...

7.5CVSS6.8AI score0.00477EPSS

CVE•added 2005/11/02 12:2 a.m.•33 views

CVE-2005-3426

Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation.

5CVSS7.2AI score0.00492EPSS

CVE•added 2006/04/05 6:4 p.m.•32 views

CVE-2006-1631

Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.

5CVSS6.7AI score0.01271EPSS