Vulnerabilities > Cisco

DATE CVE VULNERABILITY TITLE RISK
2002-10-04 CVE-2002-0882 Denial Of Service vulnerability in Cisco products
The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.
network
low complexity
cisco
6.4
2002-10-04 CVE-2002-0881 Unspecified vulnerability in Cisco products
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
local
low complexity
cisco
2.1
2002-10-04 CVE-2002-0880 Denial-Of-Service vulnerability in Cisco products
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2."
network
low complexity
cisco
5.0
2002-09-05 CVE-2002-0870 Remote Security vulnerability in CSS11000 Content Services Switch
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
network
low complexity
cisco
7.5
2002-09-05 CVE-2002-0853 Denial Of Service vulnerability in Cisco VPN Client Zero Length IKE Packet
Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
network
low complexity
cisco
5.0
2002-09-05 CVE-2002-0852 Denial-Of-Service vulnerability in VPN Client for Linux
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allow remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) packet with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
network
low complexity
cisco
5.0
2002-08-12 CVE-2002-0849 Information Disclosure vulnerability in iSCSI Insecure Configuration File Permissions
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password.
local
low complexity
cisco
4.6
2002-08-12 CVE-2002-0848 Unspecified vulnerability in Cisco VPN 5000 Concentrator Series Software
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
network
low complexity
cisco
5.0
2002-08-12 CVE-2002-0813 Buffer Errors vulnerability in Cisco IOS 11.1/11.2/11.3
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
network
cisco CWE-119
7.1
2002-08-12 CVE-2002-0792 Denial Of Service vulnerability in Cisco Content Service Switch HTTPS Post
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
network
low complexity
cisco
5.0