Filtered by vendor Cisco
Subscribe
Total
5838 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2006-5393 | 1 Cisco | 1 Secure Desktop | 2008-09-05 | 2.1 LOW | N/A |
Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. | |||||
CVE-2006-5394 | 1 Cisco | 1 Secure Desktop | 2008-09-05 | 2.1 LOW | N/A |
The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session. | |||||
CVE-2006-4352 | 1 Cisco | 1 Content Services Switch 11000 | 2008-09-05 | 5.0 MEDIUM | N/A |
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | |||||
CVE-2005-3426 | 1 Cisco | 1 Content Services Switch 11500 | 2008-09-05 | 5.0 MEDIUM | N/A |
Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation. | |||||
CVE-2005-2241 | 1 Cisco | 1 Call Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe. | |||||
CVE-2005-2242 | 1 Cisco | 1 Call Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to cause a denial of service (memory consumption and restart) via crafted packets to (1) the CTI Manager (ctimgr.exe) or (2) the CallManager (ccm.exe). | |||||
CVE-2005-2243 | 1 Cisco | 1 Call Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail. | |||||
CVE-2005-0612 | 1 Cisco | 7 Ipvc-3510-mcu, Ipvc-3520-gw-2b, Ipvc-3520-gw-2b2v and 4 more | 2008-09-05 | 7.5 HIGH | N/A |
Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify configuration. | |||||
CVE-2003-1132 | 1 Cisco | 2 Content Services Switch 11000, Content Services Switch 11500 | 2008-09-05 | 5.0 MEDIUM | N/A |
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | |||||
CVE-2003-0732 | 1 Cisco | 4 Ciscoworks Cd1, Ciscoworks Common Management Foundation, Resource Manager and 1 more | 2008-09-05 | 10.0 HIGH | N/A |
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages. | |||||
CVE-2002-2379 | 1 Cisco | 1 As5350 | 2008-09-05 | 7.8 HIGH | N/A |
** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. | |||||
CVE-2002-2037 | 1 Cisco | 5 Bams, Pgw 2200, Sc2200 and 2 more | 2008-09-05 | 5.0 MEDIUM | N/A |
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities. | |||||
CVE-2002-2052 | 1 Cisco | 1 Ios | 2008-09-05 | 5.0 MEDIUM | N/A |
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. | |||||
CVE-2002-2053 | 1 Cisco | 1 Ios | 2008-09-05 | 5.0 MEDIUM | N/A |
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | |||||
CVE-2002-2315 | 1 Cisco | 1 Ios | 2008-09-05 | 7.8 HIGH | N/A |
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. | |||||
CVE-2002-2316 | 1 Cisco | 1 Catos | 2008-09-05 | 5.0 MEDIUM | N/A |
Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | |||||
CVE-2002-1447 | 1 Cisco | 1 Vpn Client | 2008-09-05 | 7.2 HIGH | N/A |
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument. | |||||
CVE-2002-1491 | 1 Cisco | 1 Vpn 5000 Client | 2008-09-05 | 5.0 MEDIUM | N/A |
The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges. | |||||
CVE-2002-1492 | 1 Cisco | 1 Vpn 5000 Client | 2008-09-05 | 7.2 HIGH | N/A |
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel. | |||||
CVE-2002-0870 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2008-09-05 | 7.5 HIGH | N/A |
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. |