Cisco : Security Vulnerabilities, CVEs, Published In 2005 (Bypass)
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.
Max CVSS
7.1
EPSS Score
2.02%
Published
2005-05-02
Updated
2017-10-11
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.
Max CVSS
10.0
EPSS Score
2.35%
Published
2005-01-10
Updated
2018-10-30
2 vulnerabilities found