Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor
Max CVSS
7.8
EPSS Score
1.06%
Published
2002-12-31
Updated
2024-03-21
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router.
Max CVSS
7.8
EPSS Score
7.82%
Published
2002-12-31
Updated
2008-09-05
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
Max CVSS
7.8
EPSS Score
0.67%
Published
2002-12-31
Updated
2017-07-29
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.
Max CVSS
7.8
EPSS Score
11.83%
Published
2002-12-31
Updated
2018-10-19
Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.
Max CVSS
5.0
EPSS Score
0.24%
Published
2002-12-31
Updated
2018-10-30
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.
Max CVSS
5.0
EPSS Score
0.21%
Published
2002-12-31
Updated
2008-09-05
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software.
Max CVSS
5.0
EPSS Score
0.24%
Published
2002-12-31
Updated
2008-09-05
Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.
Max CVSS
5.0
EPSS Score
1.06%
Published
2002-12-31
Updated
2017-07-11
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
Max CVSS
5.0
EPSS Score
0.88%
Published
2002-01-09
Updated
2018-10-30
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers.
Max CVSS
5.0
EPSS Score
0.89%
Published
2002-01-09
Updated
2018-10-30
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
4.42%
Published
2002-12-23
Updated
2017-10-11

CVE-2002-1359

Public exploit
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
97.18%
Published
2002-12-23
Updated
2017-10-11
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
4.42%
Published
2002-12-23
Updated
2017-10-11
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
19.30%
Published
2002-12-23
Updated
2017-10-11
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
Max CVSS
7.1
EPSS Score
0.98%
Published
2002-10-28
Updated
2008-09-10
Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS).
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2017-10-10
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
Max CVSS
5.0
EPSS Score
0.21%
Published
2002-10-04
Updated
2018-10-30
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2018-10-30
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
Max CVSS
5.0
EPSS Score
0.48%
Published
2002-10-04
Updated
2018-10-30
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
Max CVSS
5.0
EPSS Score
0.87%
Published
2002-10-04
Updated
2018-10-30
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2018-10-30
HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2018-10-30
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
Max CVSS
7.1
EPSS Score
0.92%
Published
2002-10-04
Updated
2018-10-30
Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.
Max CVSS
5.0
EPSS Score
0.65%
Published
2002-10-04
Updated
2018-10-30
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
Max CVSS
5.0
EPSS Score
2.75%
Published
2002-10-04
Updated
2017-07-11
34 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!