Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-04 | CVE-2002-1095 | Remote Denial Of Service vulnerability in Cisco products Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set. | 5.0 |
| 2002-10-04 | CVE-2002-1094 | Unspecified vulnerability in Cisco products Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request. | 5.0 |
| 2002-10-04 | CVE-2002-1093 | Denial Of Service vulnerability in Cisco HTTP Interface Long Request HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | 5.0 |
| 2002-10-04 | CVE-2002-1092 | Authentication External Access vulnerability in Cisco Internal Group Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. | 7.5 |
| 2002-10-04 | CVE-2002-1024 | Resource Management Errors vulnerability in Cisco products Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144). | 7.1 |
| 2002-10-04 | CVE-2002-0954 | Remote Security vulnerability in PIX Firewall The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | 7.5 |
| 2002-10-04 | CVE-2002-0952 | Denial Of Service vulnerability in Cisco Optical Networking Systems Software 3.1.0/3.2.0 Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. | 5.0 |
| 2002-10-04 | CVE-2002-0938 | Cross-Site Scripting vulnerability in Cisco Secure ACS Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. | 7.5 |
| 2002-10-04 | CVE-2002-0908 | Unspecified vulnerability in Cisco IDS Device Manager 3.1.1 Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2002-10-04 | CVE-2002-0886 | Denial Of Service vulnerability in Cisco CBOS Oversized Packet DHCP Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | 5.0 |