Vulnerabilities > Cisco > IOS > 12.2.13.zh11

DATE CVE VULNERABILITY TITLE RISK
2011-10-22 CVE-2011-2057 Improper Input Validation vulnerability in Cisco IOS
The cat6000-dot1x component in Cisco IOS 12.2 before 12.2(33)SXI7 does not properly handle (1) a loop between a dot1x enabled port and an open-authentication dot1x enabled port and (2) a loop between a dot1x enabled port and a non-dot1x port, which allows remote attackers to cause a denial of service (traffic storm) via unspecified vectors that trigger many Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) frames, aka Bug ID CSCtq36327.
network
low complexity
cisco CWE-20
7.5
7.5
2011-10-22 CVE-2011-1640 Resource Exhaustion vulnerability in Cisco IOS
The ethernet-lldp component in Cisco IOS 12.2 before 12.2(33)SXJ1 does not properly support a large number of LLDP Management Address (MA) TLVs, which allows remote attackers to cause a denial of service (device crash) via crafted LLDPDUs, aka Bug ID CSCtj22354.
network
low complexity
cisco CWE-400
7.5
7.5
2004-12-31 CVE-2004-1464 Unspecified vulnerability in Cisco IOS
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
network
high complexity
cisco
5.9
5.9