Cisco

Ios

504 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2005-1057

  • EPSS 0.57%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet."

7.5

CVE-2005-1058

  • EPSS 0.57%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass X...

5

CVE-2005-0186

Exploit
  • EPSS 1.33%
  • Veröffentlicht 19.01.2005 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed p...

5

CVE-2004-1454

  • EPSS 1.99%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.

5.9

CVE-2004-1464

Warnung
  • EPSS 1.7%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 22.10.2025 01:15:31

Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.

5

CVE-2004-1775

  • EPSS 0.98%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.

7.5

CVE-2004-0079

  • EPSS 2.17%
  • Veröffentlicht 23.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

5

CVE-2004-0081

  • EPSS 2.39%
  • Veröffentlicht 23.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

5

CVE-2004-0112

  • EPSS 0.7%
  • Veröffentlicht 23.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a ...

4.7

CVE-2004-0244

  • EPSS 1.2%
  • Veröffentlicht 23.11.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, b...