Lucene search

K
CiscoIos12.0s

41 matches found

CVE
CVE
added 2008/10/20 5:59 p.m.486 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS
CVE
CVE
added 2003/08/18 4:0 a.m.208 views

CVE-2003-0567

Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.

7.8CVSS6.5AI score0.24634EPSS
CVE
CVE
added 2013/08/05 1:22 p.m.190 views

CVE-2013-0149

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, ...

5.8CVSS6.2AI score0.00937EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.139 views

CVE-2001-0537

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

9.3CVSS6.9AI score0.93454EPSS
CVE
CVE
added 2002/12/23 5:0 a.m.137 views

CVE-2002-1359

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS8.1AI score0.86998EPSS
CVE
CVE
added 2002/12/23 5:0 a.m.83 views

CVE-2002-1357

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS7.5AI score0.18474EPSS
CVE
CVE
added 2002/12/23 5:0 a.m.71 views

CVE-2002-1358

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

10CVSS7.5AI score0.04128EPSS
CVE
CVE
added 2004/02/17 5:0 a.m.70 views

CVE-2004-0054

Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.

7.5CVSS7.6AI score0.05647EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.68 views

CVE-1999-0063

Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.

5CVSS6.5AI score0.08028EPSS
CVE
CVE
added 2007/10/12 1:17 a.m.62 views

CVE-2007-5381

Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session...

9.3CVSS8AI score0.63694EPSS
CVE
CVE
added 2000/07/12 4:0 a.m.61 views

CVE-2000-0380

The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.

7.1CVSS6.6AI score0.85118EPSS
CVE
CVE
added 2002/12/23 5:0 a.m.61 views

CVE-2002-1360

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated...

10CVSS7.8AI score0.04128EPSS
CVE
CVE
added 2007/05/16 1:19 a.m.60 views

CVE-2007-2688

The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.

7.8CVSS6.7AI score0.03824EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.57 views

CVE-2004-1775

Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.

5CVSS7.5AI score0.0098EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.56 views

CVE-2002-1024

Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

7.1CVSS6.6AI score0.63977EPSS
CVE
CVE
added 2005/11/03 2:2 a.m.54 views

CVE-2005-3481

Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities tha...

9.3CVSS8.1AI score0.05119EPSS
CVE
CVE
added 2007/10/19 10:0 a.m.52 views

CVE-2003-1398

Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).

9.3CVSS6.7AI score0.00702EPSS
CVE
CVE
added 2011/06/09 2:38 a.m.50 views

CVE-2011-2395

The Neighbor Discovery (ND) protocol implementation in Cisco IOS on unspecified switches allows remote attackers to bypass the Router Advertisement Guarding functionality via a fragmented IPv6 packet in which the Router Advertisement (RA) message is contained in the second fragment, as demonstrated...

5CVSS6.9AI score0.00147EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.49 views

CVE-2003-0100

Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.

7.5CVSS7.3AI score0.04067EPSS
CVE
CVE
added 2009/01/16 9:30 p.m.49 views

CVE-2008-3821

Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI.

4.3CVSS5.7AI score0.10639EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.48 views

CVE-2005-0196

Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet.

5CVSS6.6AI score0.03307EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.48 views

CVE-2008-3806

Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UD...

8.5CVSS6.7AI score0.01602EPSS
CVE
CVE
added 2000/05/18 4:0 a.m.47 views

CVE-2000-0345

The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.

2.1CVSS6.4AI score0.00117EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.47 views

CVE-2009-2873

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889.

7.1CVSS6.6AI score0.00781EPSS
CVE
CVE
added 2010/03/25 9:0 p.m.45 views

CVE-2010-0576

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or proc...

7.8CVSS6.6AI score0.01653EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.43 views

CVE-2005-1021

Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password.

7.1CVSS6.6AI score0.01402EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.42 views

CVE-2002-0339

Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.

5CVSS6.5AI score0.02257EPSS
CVE
CVE
added 2005/08/03 4:0 a.m.42 views

CVE-2005-2451

Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet.

2.1CVSS7.6AI score0.03036EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.42 views

CVE-2009-0630

The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL...

7.1CVSS6.9AI score0.00064EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.40 views

CVE-1999-0445

In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.

5CVSS6.6AI score0.0061EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.40 views

CVE-2005-1020

Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues...

7.1CVSS6.7AI score0.0158EPSS
CVE
CVE
added 2006/01/21 12:3 a.m.40 views

CVE-2006-0340

Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet ...

7.1CVSS6.4AI score0.03022EPSS
CVE
CVE
added 2005/04/21 4:0 a.m.39 views

CVE-2001-1434

Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.

5CVSS6.4AI score0.00608EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.39 views

CVE-2008-3808

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet.

7.8CVSS6.3AI score0.01672EPSS
CVE
CVE
added 2009/03/27 3:16 p.m.39 views

CVE-2009-0631

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial ...

7.8CVSS6.8AI score0.01692EPSS
CVE
CVE
added 2009/03/27 4:30 p.m.39 views

CVE-2009-0636

Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message.

7.8CVSS6.8AI score0.01334EPSS
CVE
CVE
added 2004/07/27 4:0 a.m.38 views

CVE-2004-0714

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

5CVSS6.7AI score0.0286EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.38 views

CVE-2005-0195

Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet.

5CVSS6.5AI score0.02EPSS
CVE
CVE
added 2008/09/26 4:21 p.m.38 views

CVE-2008-3803

A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

5.1CVSS6.4AI score0.01514EPSS
CVE
CVE
added 2011/01/07 7:0 p.m.37 views

CVE-2009-5040

CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555.

6.8CVSS6.5AI score0.00512EPSS
CVE
CVE
added 2009/09/28 7:30 p.m.36 views

CVE-2009-2872

Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh975...

6.8CVSS6.6AI score0.01117EPSS