Vulnerabilities > Cisco > Medium

DATE CVE VULNERABILITY TITLE RISK
2004-11-23 CVE-2004-0244 Improper Input Validation vulnerability in Cisco IOS 12.1E/12.2Sy/12.2Za
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
local
cisco CWE-20
4.7
2004-11-23 CVE-2004-0081 OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. 5.0
2004-08-06 CVE-2004-0589 Unspecified vulnerability in Cisco IOS
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
network
cisco
4.3
2004-08-06 CVE-2004-0551 Denial-Of-Service vulnerability in Cisco Catalyst 4500
Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."
network
low complexity
cisco
5.0
2004-07-27 CVE-2004-0714 Denial Of Service vulnerability in Cisco products
Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).
network
low complexity
cisco
5.0
2004-07-27 CVE-2004-0710 Remote Denial Of Service vulnerability in Cisco IOS Malformed IKE Packet
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
network
low complexity
cisco
5.0
2004-01-21 CVE-2004-1759 Resource Management Errors vulnerability in multiple products
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
network
low complexity
cisco ibm CWE-399
5.0
2004-01-05 CVE-2003-1004 Denial-Of-Service vulnerability in Cisco PIX Firewall and PIX Firewall Software
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.
network
low complexity
cisco
5.0
2004-01-05 CVE-2003-1002 Denial-Of-Service vulnerability in Catalyst 7600
Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
network
low complexity
cisco
5.0
2004-01-05 CVE-2003-1001 Denial-Of-Service vulnerability in Catalyst 7600
Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.
network
low complexity
cisco
5.0