Vulnerabilities > Cisco > IOS > 11.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-01-11 | CVE-2007-0199 | Denial Of Service vulnerability in Cisco IOS Data-link Switching The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... | 5.0 |
| 2006-09-23 | CVE-2006-4950 | Unspecified vulnerability in Cisco IOS Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. | 10.0 |
| 2005-11-30 | CVE-2005-3921 | HTML Injection vulnerability in Cisco IOS HTTP Service Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. | 2.6 |
| 2004-12-31 | CVE-2004-1464 | Remote Denial of Service vulnerability in Cisco IOS Telnet Service Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | 5.0 |
| 2003-08-27 | CVE-2003-0647 | Remote Security vulnerability in IOS Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | 7.5 |
| 2003-08-18 | CVE-2003-0567 | Improper Input Validation vulnerability in Cisco products Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full. | 7.8 |
| 2002-12-31 | CVE-2002-2315 | Denial Of Service vulnerability in Cisco IOS ICMP Redirect Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. | 7.8 |
| 2001-05-03 | CVE-2001-0288 | Unspecified vulnerability in Cisco IOS Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | 7.5 |
| 1999-12-31 | CVE-1999-1465 | Unspecified vulnerability in Cisco IOS Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | 7.5 |
| 1999-12-31 | CVE-1999-1175 | Unspecified vulnerability in Cisco IOS Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | 7.5 |