Vulnerabilities > Cisco > Cbos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-08-20 | CVE-2007-4430 | Improper Input Validation vulnerability in Cisco products Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. | 5.0 |
| 2002-10-04 | CVE-2002-0886 | Denial Of Service vulnerability in Cisco CBOS Oversized Packet DHCP Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | 5.0 |
| 2001-10-18 | CVE-2001-0754 | Denial-Of-Service vulnerability in CBOS Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | 5.0 |
| 2001-10-18 | CVE-2001-0753 | Remote Security vulnerability in CBOS Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | 7.5 |
| 2001-10-18 | CVE-2001-0752 | Denial-Of-Service vulnerability in CBOS Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | 5.0 |
| 2001-10-18 | CVE-2001-0751 | Remote Security vulnerability in CBOS Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | 7.5 |
| 2001-08-31 | CVE-2001-1065 | Remote Security vulnerability in Cisco Cbos 2.0.1 Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | 5.0 |
| 2001-08-31 | CVE-2001-1064 | TCP Connection Denial of Service vulnerability in Cisco CBOS Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. | 5.0 |
| 2001-07-02 | CVE-2001-0444 | Unspecified vulnerability in Cisco Cbos 2.3.053/2.4.1 Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | 2.1 |