Vulnerabilities > Cisco > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-12-11 | CVE-2000-1056 | Unspecified vulnerability in Cisco Secure Access Control Server 2.1/2.3(3)/2.4(2) CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | 7.5 |
2000-12-11 | CVE-2000-1022 | Unspecified vulnerability in Cisco PIX Firewall Software The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands. | 7.5 |
2000-04-26 | CVE-2000-0380 | Improper Input Validation vulnerability in Cisco IOS The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | 7.1 |
2000-02-12 | CVE-2000-0150 | Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. | 7.5 |
1999-12-31 | CVE-1999-1465 | Unspecified vulnerability in Cisco IOS Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | 7.5 |
1999-12-31 | CVE-1999-1464 | Unspecified vulnerability in Cisco IOS 11.1Cc/11.1Ct Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | 7.5 |
1999-12-31 | CVE-1999-1175 | Unspecified vulnerability in Cisco IOS Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | 7.5 |
1999-12-31 | CVE-1999-1100 | Unspecified vulnerability in Cisco PIX Private Link 4.1(6) Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. | 7.5 |
1999-09-01 | CVE-1999-1129 | Unspecified vulnerability in Cisco Catalyst 2900 Vlan and IOS Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. | 7.5 |
1999-08-19 | CVE-1999-0734 | Remote Security vulnerability in Cisco Secure Access Control Server A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. | 7.5 |