CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Cisco : Security Vulnerabilities Published In 2000

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2000-1056 Bypass 2000-12-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
2 CVE-2000-1055 DoS Exec Code Overflow 2000-12-11 2013-08-14
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet.
3 CVE-2000-1054 DoS Exec Code Overflow 2000-12-11 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
4 CVE-2000-1027 2000-12-11 2008-09-05
5.0
None Remote Low Not required Partial None None
Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a target FTP server by flooding the server with PASV requests, which includes the real IP address in the response when passive mode is established.
5 CVE-2000-1022 Exec Code 2000-12-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
6 CVE-2000-0984 DoS 2000-12-19 2008-09-10
5.0
None Remote Low Not required None None Partial
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string.
7 CVE-2000-0955 +Priv 2000-12-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
8 CVE-2000-0945 Exec Code 2000-12-19 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
9 CVE-2000-0700 Bypass 2000-10-20 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
10 CVE-2000-0613 2000-03-20 2008-09-10
5.0
None Remote Low Not required None None Partial
Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections.
11 CVE-2000-0486 DoS Overflow 2000-05-30 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
12 CVE-2000-0380 20 DoS 2000-04-26 2008-09-10
7.1
None Remote Medium Not required None None Complete
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
13 CVE-2000-0345 +Info 2000-05-03 2008-09-10
2.1
None Local Low Not required Partial None None
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.
14 CVE-2000-0268 DoS 2000-04-20 2008-09-10
5.0
None Remote Low Not required None None Partial
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
15 CVE-2000-0267 2000-04-20 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
16 CVE-2000-0150 Bypass 2000-02-12 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
Total number of vulnerabilities : 16   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.