CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Cisco : Security Vulnerabilities Published In 2004 (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2004-1759 399 DoS 2004-01-21 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
2 CVE-2004-1464 DoS 2004-12-31 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
3 CVE-2004-1459 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests.
4 CVE-2004-1458 DoS 2004-12-31 2008-09-10
5.0
None Remote Low Not required None None Partial
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002.
5 CVE-2004-1454 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.
6 CVE-2004-1435 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via a large number of TCP connections with an invalid response instead of the final ACK (TCP-ACK).
7 CVE-2004-1434 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.1(0) to 4.1(2), 4.5(x), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed SNMP packets.
8 CVE-2004-1433 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, and ONS 15600 1.x(x), allows remote attackers to cause a denial of service (control card reset) via malformed (1) TCP and (2) UDP packets.
9 CVE-2004-1432 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of service (control card reset) via malformed (1) IP or (2) ICMP packets.
10 CVE-2004-0714 DoS Mem. Corr. 2004-07-27 2009-03-04
5.0
None Remote Low Not required None None Partial
Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).
11 CVE-2004-0710 DoS 2004-07-27 2009-03-04
5.0
None Remote Low Not required None None Partial
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
12 CVE-2004-0589 DoS 2004-08-06 2009-03-04
5.0
None Remote Low Not required None None Partial
Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages.
13 CVE-2004-0551 DoS 2004-08-06 2008-09-10
5.0
None Remote Low Not required None None Partial
Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."
14 CVE-2004-0352 DoS 2004-11-23 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
15 CVE-2004-0307 DoS 2004-11-23 2008-09-05
5.0
None Remote Low Not required None None Partial
Cisco ONS 15327 before 4.1(3), ONS 15454 before 4.6(1), and ONS 15454 SD before 4.1(3) allows remote attackers to cause a denial of service (reset) by not sending the ACK portion of the TCP three-way handshake and sending an invalid response instead.
16 CVE-2004-0244 20 DoS 2004-11-23 2009-03-04
4.7
None Local Medium Not required None None Complete
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet.
17 CVE-2004-0112 DoS 2004-11-23 2010-08-21
5.0
None Remote Low Not required None None Partial
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
18 CVE-2004-0081 DoS 2004-11-23 2010-08-21
5.0
None Remote Low Not required None None Partial
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
19 CVE-2004-0079 DoS 2004-11-23 2010-08-21
5.0
None Remote Low Not required None None Partial
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
20 CVE-2004-0054 DoS Exec Code 2004-02-17 2009-03-04
7.5
User Remote Low Not required Partial Partial Partial
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
21 CVE-2003-1004 DoS 2004-01-05 2008-09-10
5.0
None Remote Low Not required None None Partial
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.
22 CVE-2003-1003 20 DoS 2004-01-05 2008-09-10
7.8
None Remote Low Not required None None Complete
Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
23 CVE-2003-1002 DoS 2004-01-05 2008-09-10
5.0
None Remote Low Not required None None Partial
Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
24 CVE-2003-1001 DoS Overflow 2004-01-05 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.
Total number of vulnerabilities : 24   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.