Vulnerabilities > Cisco > High

DATE CVE VULNERABILITY TITLE RISK
2000-12-11 CVE-2000-1056 Unspecified vulnerability in Cisco Secure Access Control Server 2.1/2.3(3)/2.4(2)
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
network
low complexity
cisco
7.5
2000-12-11 CVE-2000-1022 Unspecified vulnerability in Cisco PIX Firewall Software
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
network
low complexity
cisco
7.5
2000-04-26 CVE-2000-0380 Improper Input Validation vulnerability in Cisco IOS
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
network
cisco CWE-20
7.1
2000-02-12 CVE-2000-0150 Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
network
low complexity
checkpoint cisco
7.5
1999-12-31 CVE-1999-1465 Unspecified vulnerability in Cisco IOS
Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862.
network
low complexity
cisco
7.5
1999-12-31 CVE-1999-1464 Unspecified vulnerability in Cisco IOS 11.1Cc/11.1Ct
Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564.
network
low complexity
cisco
7.5
1999-12-31 CVE-1999-1175 Unspecified vulnerability in Cisco IOS
Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.
network
low complexity
cisco
7.5
1999-12-31 CVE-1999-1100 Unspecified vulnerability in Cisco PIX Private Link 4.1(6)
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.
network
low complexity
cisco
7.5
1999-09-01 CVE-1999-1129 Unspecified vulnerability in Cisco Catalyst 2900 Vlan and IOS
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag.
network
low complexity
cisco
7.5
1999-08-19 CVE-1999-0734 Remote Security vulnerability in Cisco Secure Access Control Server
A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication.
network
low complexity
cisco
7.5