Vulnerabilities > Cisco > IPS Sensor Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-02-21 | CVE-2015-0631 | Race Condition vulnerability in Cisco IPS Sensor Software 7.2(1)E4/7.2(2)E4 Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections during the key-regeneration phase of an upgrade, aka Bug ID CSCui25688. | 7.1 |
| 2014-02-22 | CVE-2014-0720 | Improper Input Validation vulnerability in Cisco IPS Sensor Software Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via a flood of jumbo frames, aka Bug ID CSCuh94944. | 7.1 |
| 2014-02-22 | CVE-2014-0719 | Permissions, Privileges, and Access Controls vulnerability in Cisco IPS Sensor Software The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394. | 7.8 |
| 2014-02-22 | CVE-2014-0718 | Improper Input Validation vulnerability in Cisco IPS Sensor Software The produce-verbose-alert feature in Cisco IPS Software 7.1 before 7.1(8)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (Analysis Engine process outage) via fragmented packets, aka Bug ID CSCui91266. | 7.1 |
| 2007-05-16 | CVE-2007-2688 | Unspecified vulnerability in Cisco IOS and IPS Sensor Software The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. | 7.8 |
| 2006-09-21 | CVE-2006-4911 | Unspecified vulnerability in Cisco IPS Sensor Software Unspecified vulnerability in Cisco IPS 5.0 before 5.0(6p2) and 5.1 before 5.1(2), when running in inline or promiscuous mode, allows remote attackers to bypass traffic inspection via a "crafted sequence of fragmented IP packets". | 7.5 |
| 2006-09-21 | CVE-2006-4910 | Denial Of Service vulnerability in Cisco IPS/IDS Web Administration Interface The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. | 5.0 |
| 2006-07-18 | CVE-2006-3596 | Denial Of Service vulnerability in Cisco Intrusion Prevention System Malformed Packet The device driver for Intel-based gigabit network adapters in Cisco Intrusion Prevention System (IPS) 5.1(1) through 5.1(p1), as installed on various Cisco Intrusion Prevention System 42xx appliances, allows remote attackers to cause a denial of service (kernel panic and possibly network outage) via a crafted IP packet. | 5.0 |
| 2005-08-23 | CVE-2005-2681 | Local Privilege Escalation vulnerability in Cisco Intrusion Prevention System Unspecified vulnerability in the command line processing (CLI) logic in Cisco Intrusion Prevention System 5.0(1) and 5.0(2) allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors. | 7.2 |