Vulnerabilities > Cisco > IOS > 12.2.18.se

DATE CVE VULNERABILITY TITLE RISK
2005-11-30 CVE-2005-3921 HTML Injection vulnerability in Cisco IOS HTTP Service
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages.
network
high complexity
cisco
2.6
2005-05-02 CVE-2005-1020 Improper Authentication vulnerability in Cisco IOS
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.
network
cisco CWE-287
7.1
2005-01-10 CVE-2004-1111 Denial-Of-Service vulnerability in 7600
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
network
low complexity
cisco
5.0
2004-12-31 CVE-2004-1464 Remote Denial of Service vulnerability in Cisco IOS Telnet Service
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
network
low complexity
cisco
5.0
2004-12-31 CVE-2004-1454 Remote Denial Of Service vulnerability in Cisco IOS OSPF
Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.
network
low complexity
cisco
5.0