Cisco : Security Vulnerabilities, CVEs, Published In 2002 (Denial of service) CVSS score >= 4
Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor
Max CVSS
7.8
EPSS Score
1.06%
Published
2002-12-31
Updated
2024-03-21
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router.
Max CVSS
7.8
EPSS Score
7.82%
Published
2002-12-31
Updated
2008-09-05
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
Max CVSS
7.8
EPSS Score
0.67%
Published
2002-12-31
Updated
2017-07-29
Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.
Max CVSS
7.8
EPSS Score
11.83%
Published
2002-12-31
Updated
2018-10-19
Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.
Max CVSS
5.0
EPSS Score
0.24%
Published
2002-12-31
Updated
2018-10-30
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop.
Max CVSS
5.0
EPSS Score
0.21%
Published
2002-12-31
Updated
2008-09-05
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software.
Max CVSS
5.0
EPSS Score
0.24%
Published
2002-12-31
Updated
2008-09-05
Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985.
Max CVSS
5.0
EPSS Score
1.06%
Published
2002-12-31
Updated
2017-07-11
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
Max CVSS
5.0
EPSS Score
0.88%
Published
2002-01-09
Updated
2018-10-30
Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers.
Max CVSS
5.0
EPSS Score
0.89%
Published
2002-01-09
Updated
2018-10-30
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
4.42%
Published
2002-12-23
Updated
2017-10-11
CVE-2002-1359
Public exploit
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
97.18%
Published
2002-12-23
Updated
2017-10-11
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
4.42%
Published
2002-12-23
Updated
2017-10-11
Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Max CVSS
10.0
EPSS Score
19.30%
Published
2002-12-23
Updated
2017-10-11
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
Max CVSS
7.1
EPSS Score
0.98%
Published
2002-10-28
Updated
2008-09-10
Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS).
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2017-10-10
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
Max CVSS
5.0
EPSS Score
0.21%
Published
2002-10-04
Updated
2018-10-30
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2018-10-30
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
Max CVSS
5.0
EPSS Score
0.48%
Published
2002-10-04
Updated
2018-10-30
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
Max CVSS
5.0
EPSS Score
0.87%
Published
2002-10-04
Updated
2018-10-30
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2018-10-30
HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
Max CVSS
5.0
EPSS Score
0.82%
Published
2002-10-04
Updated
2018-10-30
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
Max CVSS
7.1
EPSS Score
0.92%
Published
2002-10-04
Updated
2018-10-30
Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.
Max CVSS
5.0
EPSS Score
0.65%
Published
2002-10-04
Updated
2018-10-30
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
Max CVSS
5.0
EPSS Score
2.75%
Published
2002-10-04
Updated
2017-07-11