Vulnerabilities > Cisco > IOS > 12.2t
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-23 | CVE-2002-1360 | Improper Input Validation vulnerability in multiple products Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. network low complexity cisco fissh intersoft netcomposite pragma-systems putty winscp CWE-20 critical | 10.0 |
2002-12-23 | CVE-2002-1359 | Improper Input Validation vulnerability in multiple products Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. network low complexity cisco fissh intersoft netcomposite pragma-systems putty winscp CWE-20 critical | 10.0 |
2002-12-23 | CVE-2002-1358 | Improper Input Validation vulnerability in multiple products Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. network low complexity cisco fissh intersoft netcomposite pragma-systems putty winscp CWE-20 critical | 10.0 |
2002-12-23 | CVE-2002-1357 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. network low complexity cisco fissh intersoft netcomposite pragma-systems putty winscp CWE-119 critical | 10.0 |
2002-10-04 | CVE-2002-1024 | Resource Management Errors vulnerability in Cisco products Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). | 7.1 |
2002-06-25 | CVE-2002-0339 | Unspecified vulnerability in Cisco IOS Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. | 5.0 |
2001-11-28 | CVE-2001-0929 | Unspecified vulnerability in Cisco IOS Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | 7.5 |
2001-07-12 | CVE-2001-1183 | Denial of Service vulnerability in Cisco IOS Malformed PPTP Packet PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | 5.0 |