Vulnerabilities > Cisco > IOS > 11.2p

DATE CVE VULNERABILITY TITLE RISK
2005-11-30 CVE-2005-3921 HTML Injection vulnerability in Cisco IOS HTTP Service
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages.
network
high complexity
cisco
2.6
2004-12-31 CVE-2004-1464 Remote Denial of Service vulnerability in Cisco IOS Telnet Service
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
network
low complexity
cisco
5.0
2004-08-06 CVE-2004-0589 Unspecified vulnerability in Cisco IOS
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
network
cisco
4.3
2003-08-27 CVE-2003-0647 Remote Security vulnerability in IOS
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.
network
low complexity
cisco
7.5
2003-08-18 CVE-2003-0567 Improper Input Validation vulnerability in Cisco products
Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.
network
low complexity
cisco CWE-20
7.8
2003-03-03 CVE-2003-0100 Buffer Overflow vulnerability in Cisco IOS OSPF Neighbor
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.
network
low complexity
cisco
7.5
2001-11-28 CVE-2001-0929 Unspecified vulnerability in Cisco IOS
Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.
network
low complexity
cisco
7.5
2001-05-03 CVE-2001-0288 Unspecified vulnerability in Cisco IOS
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
network
low complexity
cisco
7.5
2000-10-20 CVE-2000-0700 Unspecified vulnerability in Cisco products
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
network
low complexity
cisco
5.0
2000-04-26 CVE-2000-0380 Improper Input Validation vulnerability in Cisco IOS
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
network
cisco CWE-20
7.1