Vulnerabilities > Cisco
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-01-05 | CVE-2003-0983 | Remote Security vulnerability in Cisco products Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. | 7.5 |
2004-01-05 | CVE-2003-0982 | Remote Buffer Overrun vulnerability in Cisco ACNS Authentication Library Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password. | 7.5 |
2003-12-31 | CVE-2003-1398 | Information Exposure vulnerability in Cisco IOS Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | 9.3 |
2003-12-31 | CVE-2003-1132 | Denial-Of-Service vulnerability in Cisco products The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | 5.0 |
2003-12-31 | CVE-2003-1109 | Unspecified vulnerability in Cisco products The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1096 | Unspecified vulnerability in Cisco Leap The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks. | 10.0 |
2003-12-01 | CVE-2003-0851 | Remote Denial Of Service vulnerability in OpenSSL ASN.1 Large Recursion OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. | 5.0 |
2003-10-20 | CVE-2003-0732 | Denial-Of-Service vulnerability in Resource Manager CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages. | 10.0 |
2003-10-20 | CVE-2003-0731 | Remote Security vulnerability in Resource Manager CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter. | 10.0 |
2003-08-27 | CVE-2003-0677 | Denial-Of-Service vulnerability in Cisco Webns 5.00.038S Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." | 5.0 |