Vulnerabilities > Cisco > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-08-08 | CVE-2007-4241 | Remote Buffer Overflow vulnerability in HP HP-UX 11.11i: Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781. | 10.0 |
2007-07-15 | CVE-2006-5278 | Heap Buffer Overflow vulnerability in Cisco products: Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. | 10.0 |
2007-07-15 | CVE-2006-5277 | Heap Buffer Overflow vulnerability in Cisco products: Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allows remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. | 9.3 |
2007-04-26 | CVE-2007-2282 | Remote Default Account vulnerability in Cisco NetFlow Collection Engine: Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system. | 10.0 |
2007-04-16 | CVE-2007-2036 | Remote vulnerability in Cisco Wireless LAN Controller Software 4.1: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384. | 10.0 |
2007-04-16 | CVE-2007-2034 | Multiple vulnerability in Cisco Wireless Control System: Unspecified vulnerability in Cisco Wireless Control System (WCS) before 4.0.87.0 allows remote authenticated users to gain the privileges of the SuperUsers group, and manage the application and its networks, related to the group membership of user accounts, aka Bug ID CSCsg05190. | 9.0 |
2007-03-03 | CVE-2007-1257 | Improper Input Validation vulnerability in Cisco products: The Network Analysis Module (NAM) in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address. | 10.0 |
2007-02-22 | CVE-2007-1063 | Use of Hard-Coded Credentials vulnerability in Cisco products: The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device. | 10.0 |
2007-02-22 | CVE-2007-1062 | Improper Authentication vulnerability in Cisco products: The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and earlier, do not properly handle administrator HTTP sessions, which allows remote attackers to bypass authentication controls via a direct URL request to the administrative HTTP interface for a limited time. | 10.0 |
2007-02-16 | CVE-2007-0968 | Multiple Remote Denial Of Service vulnerability in Cisco Products: Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass certain intended ACL protections. | 9.0 |