Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515.
Max CVSS
9.3
EPSS Score
87.37%
Published
2007-10-12
Updated
2017-07-29
The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244).
Max CVSS
6.3
EPSS Score
0.59%
Published
2007-05-10
Updated
2020-05-22
The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature.
Max CVSS
7.1
EPSS Score
1.95%
Published
2007-02-14
Updated
2022-06-02
The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets.
Max CVSS
6.4
EPSS Score
6.83%
Published
2007-02-14
Updated
2017-10-11
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
Max CVSS
5.0
EPSS Score
3.36%
Published
2007-01-11
Updated
2017-10-11
5 vulnerabilities found