Vulnerabilities > Cisco > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-10-04 | CVE-2002-1094 | Unspecified vulnerability in Cisco products Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request. | 5.0 |
2002-10-04 | CVE-2002-1093 | Denial Of Service vulnerability in Cisco HTTP Interface Long Request HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request. | 5.0 |
2002-10-04 | CVE-2002-0952 | Denial Of Service vulnerability in Cisco Optical Networking Systems Software 3.1.0/3.2.0 Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface. | 5.0 |
2002-10-04 | CVE-2002-0908 | Unspecified vulnerability in Cisco IDS Device Manager 3.1.1 Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
2002-10-04 | CVE-2002-0886 | Denial Of Service vulnerability in Cisco CBOS Oversized Packet DHCP Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | 5.0 |
2002-10-04 | CVE-2002-0882 | Denial Of Service vulnerability in Cisco products The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script. | 6.4 |
2002-10-04 | CVE-2002-0880 | Denial-Of-Service vulnerability in Cisco products Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2." | 5.0 |
2002-09-05 | CVE-2002-0853 | Denial Of Service vulnerability in Cisco VPN Client Zero Length IKE Packet Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload. | 5.0 |
2002-09-05 | CVE-2002-0852 | Denial-Of-Service vulnerability in VPN Client for Linux Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads. | 5.0 |
2002-08-12 | CVE-2002-0849 | Information Disclosure vulnerability in iSCSI Insecure Configuration File Permissions Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password. | 4.6 |