Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-01-11 | CVE-2006-0179 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IP Phone 7940 The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80. | 5.0 |
2005-12-31 | CVE-2005-4826 | Denial Of Service vulnerability in Cisco IOS 12.1(22)Ea3 Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. low complexity cisco | 6.1 |
2005-12-31 | CVE-2005-4825 | Denial-Of-Service vulnerability in Cisco Clean Access (CCA) Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332. | 5.7 |
2005-12-31 | CVE-2005-4794 | Remote Denial of Service vulnerability in Multiple Vendor DNS Message Decompression Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager (SESM) allows remote attackers to cause a denial of service (crash or instability) via a compressed DNS packet with a label length byte with an incorrect offset. | 5.0 |
2005-11-24 | CVE-2005-3804 | Remote Debugger Access vulnerability in Cisco 7920 Wireless IP Phone 1.0(8)/2.0 Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service. | 6.4 |
2005-11-23 | CVE-2005-3774 | Denial Of Service vulnerability in Cisco PIX 6.3/7.0 Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. | 5.0 |
2005-11-03 | CVE-2005-3482 | Unspecified vulnerability in Cisco Aironet Ap1131, Aironet Ap1200 and Aironet Ap1240 Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host. | 5.0 |
2005-11-02 | CVE-2005-3426 | Denial of Service vulnerability in Cisco 11500 Content Services Switch Malformed SSL Client Certificate Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation. | 5.0 |
2005-08-26 | CVE-2005-2695 | Unspecified vulnerability in Cisco products Unspecified vulnerability in the SSL certificate checking functionality in Cisco CiscoWorks Management Center for IDS Sensors (IDSMC) 2.0 and 2.1, and Monitoring Center for Security (Security Monitor or Secmon) 1.1 through 2.0 and 2.1, allows remote attackers to spoof a Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS). | 5.0 |
2005-07-18 | CVE-2005-2280 | Unspecified vulnerability in Cisco Security Agent 4.5 Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. | 5.0 |