Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-02-24 | CVE-2005-0598 | Remote vulnerability in Cisco Application and Content Networking System The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. | 5.0 |
2005-01-19 | CVE-2005-0186 | Denial-Of-Service vulnerability in IOS Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port. | 5.0 |
2005-01-10 | CVE-2004-1164 | Remote Denial of Service vulnerability in Cisco CNS Network Registrar DNS and DHCP Server The lock manager in Cisco CNS Network Registrar 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (process crash) via a certain "unexpected packet sequence." | 5.0 |
2005-01-10 | CVE-2004-1163 | Denial-Of-Service vulnerability in CNS Network Registrar Cisco CNS Network Registrar Central Configuration Management (CCM) server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service (CPU consumption) by ending a connection after sending a certain sequence of packets. | 5.0 |
2005-01-10 | CVE-2004-1112 | Buffer Overflow Protection Bypass vulnerability in Cisco Security Agent The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period. | 5.1 |
2005-01-10 | CVE-2004-1111 | Denial-Of-Service vulnerability in 7600 Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. | 5.0 |
2005-01-10 | CVE-2004-1099 | Remote Authentication Bypass vulnerability in Cisco products Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username. | 10.0 |
2004-12-31 | CVE-2004-1775 | Unspecified vulnerability in Cisco Catos and IOS Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | 5.0 |
2004-12-31 | CVE-2004-1464 | Remote Denial of Service vulnerability in Cisco IOS Telnet Service Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | 5.0 |
2004-12-31 | CVE-2004-1461 | Multiple vulnerability in Cisco products Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. | 7.5 |