Vulnerabilities > Cisco > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-04-22 | CVE-2002-0159 | USE of Externally-Controlled Format String vulnerability in Cisco Secure Access Control Server Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002. | 7.5 |
| 2001-12-06 | CVE-2001-0867 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | 7.5 |
| 2001-12-06 | CVE-2001-0866 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls. | 7.5 |
| 2001-12-06 | CVE-2001-0865 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | 7.5 |
| 2001-12-06 | CVE-2001-0864 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. | 7.5 |
| 2001-12-06 | CVE-2001-0862 | Unspecified vulnerability in Cisco 12000 Router Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | 7.5 |
| 2001-11-28 | CVE-2001-0929 | Unspecified vulnerability in Cisco IOS Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | 7.5 |
| 2001-10-30 | CVE-2001-0669 | Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL. | 7.5 |
| 2001-10-18 | CVE-2001-0757 | Unspecified vulnerability in Cisco 6400 NRP 2 12.1Dc Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | 7.5 |
| 2001-10-18 | CVE-2001-0753 | Remote Security vulnerability in CBOS Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | 7.5 |