Vulnerabilities > Cisco > Medium

DATE CVE VULNERABILITY TITLE RISK
2003-03-31 CVE-2002-1557 Denial of Service vulnerability in Cisco ONS15454/ONS15327 Optical Transport Platforms HTTP Request
Cisco ONS15454 and ONS15327 running ONS before 3.4 allow attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
network
low complexity
cisco
5.0
2003-03-31 CVE-2002-1556 Denial of Service vulnerability in Cisco ONS15454/ONS15327 Optical Transport Platforms CORBA IOR
Cisco ONS15454 and ONS15327 running ONS before 3.4 allow attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).
network
low complexity
cisco
5.0
2003-03-31 CVE-2002-1555 Unspecified vulnerability in Cisco Optical Networking Systems Software
Cisco ONS15454 and ONS15327 running ONS before 3.4 use a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information.
network
low complexity
cisco
5.0
2003-03-31 CVE-2002-1554 Unspecified vulnerability in Cisco Optical Networking Systems Software
Cisco ONS15454 and ONS15327 running ONS before 3.4 store usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.
local
low complexity
cisco
4.6
2002-12-31 CVE-2002-2316 Unspecified vulnerability in Cisco CatOS 5.5(5)/6.3(5)/7.1(2)
Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing.
network
low complexity
cisco
5.0
2002-12-31 CVE-2002-2140 Buffer Overrun vulnerability in Cisco PIX TACACS+/RADIUS HTTP Proxy
Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.
network
low complexity
cisco
5.0
2002-12-31 CVE-2002-2139 Unspecified vulnerability in Cisco PIX Firewall Software
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
network
low complexity
cisco
6.4
2002-12-31 CVE-2002-2053 Denial of Service vulnerability in Cisco IOS 12.1
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.
network
low complexity
cisco
5.0
2002-12-31 CVE-2002-2052 Denial of Service vulnerability in Cisco IOS 12.1(6.5)
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router.
network
low complexity
cisco
5.0
2002-12-31 CVE-2002-2037 Unspecified vulnerability in Cisco products
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
network
low complexity
cisco
5.0