mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
Update CVE sources 2024-07-25 21:25
This commit is contained in:
0xMarcio
parent
1dc77909f8
commit
d6bcaa53f2
17
2000/CVE-2000-0267.md
Normal file
17
2000/CVE-2000-0267.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-0267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0267)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/catos-enable-bypass-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2000/CVE-2000-0268.md
Normal file
17
2000/CVE-2000-0268.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-0268](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0268)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/iostelnetopt-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2000/CVE-2000-0368.md
Normal file
17
2000/CVE-2000-0368.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-0368](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0368)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/770/ioshist-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2000/CVE-2000-0380.md
Normal file
17
2000/CVE-2000-0380.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-0380](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0380)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -15,4 +15,5 @@ No PoCs from references.
|
||||
#### Github
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
- https://github.com/joscanoga/Reto-python-CRM
|
||||
- https://github.com/riik-db/cc_hw
|
||||
|
||||
|
||||
17
2000/CVE-2000-0700.md
Normal file
17
2000/CVE-2000-0700.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-0700](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0700)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/gsraclbypassdos-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -10,7 +10,7 @@ The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a den
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml
|
||||
|
||||
#### Github
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
|
||||
17
2000/CVE-2000-1022.md
Normal file
17
2000/CVE-2000-1022.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-1022](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1022)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilter-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2000/CVE-2000-1054.md
Normal file
17
2000/CVE-2000-1054.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-1054](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1054)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2000/CVE-2000-1055.md
Normal file
17
2000/CVE-2000-1055.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-1055](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1055)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2000/CVE-2000-1056.md
Normal file
17
2000/CVE-2000-1056.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2000-1056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-1056)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0019.md
Normal file
17
2001/CVE-2001-0019.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0019](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0019)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/arrowpoint-cli-filesystem-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0020.md
Normal file
17
2001/CVE-2001-0020.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0020](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0020)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/arrowpoint-cli-filesystem-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0041.md
Normal file
17
2001/CVE-2001-0041.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0041](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0041)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/catalyst-memleak-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0055.md
Normal file
17
2001/CVE-2001-0055.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0055](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0055)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0056.md
Normal file
17
2001/CVE-2001-0056.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0056](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0056)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0057.md
Normal file
17
2001/CVE-2001-0057.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0057](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0057)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0058.md
Normal file
17
2001/CVE-2001-0058.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0058](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0058)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0288.md
Normal file
17
2001/CVE-2001-0288.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0288](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0288)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0375.md
Normal file
17
2001/CVE-2001-0375.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0375](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0375)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0412.md
Normal file
17
2001/CVE-2001-0412.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0412](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0412)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/arrowpoint-useraccnt-debug-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0427.md
Normal file
17
2001/CVE-2001-0427.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0427)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-telnet-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0428.md
Normal file
17
2001/CVE-2001-0428.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0428](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0428)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-ipoptions-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0429.md
Normal file
17
2001/CVE-2001-0429.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0429](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0429)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/cat5k-8021x-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0455.md
Normal file
17
2001/CVE-2001-0455.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0455](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0455)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Aironet340-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -10,7 +10,7 @@ HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html
|
||||
|
||||
#### Github
|
||||
- https://github.com/ARPSyndicate/cvemon
|
||||
|
||||
@ -10,6 +10,7 @@ Buffer overflow in BSD-based telnetd telnet daemon on various operating systems
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/catos-telrcv-vuln-pub.shtml
|
||||
- http://www.redhat.com/support/errata/RHSA-2001-099.html
|
||||
|
||||
#### Github
|
||||
|
||||
17
2001/CVE-2001-0621.md
Normal file
17
2001/CVE-2001-0621.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0621](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0621)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0622.md
Normal file
17
2001/CVE-2001-0622.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0622](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0622)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0650.md
Normal file
17
2001/CVE-2001-0650.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0650)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ios-bgp-attr-corruption-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0669.md
Normal file
17
2001/CVE-2001-0669.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0669](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0669)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/cisco-intrusion-detection-obfuscation-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0711.md
Normal file
17
2001/CVE-2001-0711.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0711](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0711)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ios-snmp-ilmi-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0748.md
Normal file
17
2001/CVE-2001-0748.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0748](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0748)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/acmeweb-acsunix-dirtravers-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0750.md
Normal file
17
2001/CVE-2001-0750.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0750](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0750)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ios-tcp-scanner-reload-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0751.md
Normal file
17
2001/CVE-2001-0751.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0751)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0752.md
Normal file
17
2001/CVE-2001-0752.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0752)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0753.md
Normal file
17
2001/CVE-2001-0753.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0753](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0753)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0754.md
Normal file
17
2001/CVE-2001-0754.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0754](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0754)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0757.md
Normal file
17
2001/CVE-2001-0757.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0757](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0757)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/6400-nrp2-telnet-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0817.md
Normal file
17
2001/CVE-2001-0817.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0817](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0817)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/bigb0x/CVE-2024-6387
|
||||
|
||||
17
2001/CVE-2001-0861.md
Normal file
17
2001/CVE-2001-0861.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0861)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-unreachables-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0862.md
Normal file
17
2001/CVE-2001-0862.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0862](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0862)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0863.md
Normal file
17
2001/CVE-2001-0863.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0863](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0863)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0864.md
Normal file
17
2001/CVE-2001-0864.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0864](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0864)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0865.md
Normal file
17
2001/CVE-2001-0865.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0865](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0865)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0866.md
Normal file
17
2001/CVE-2001-0866.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0866](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0866)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0867.md
Normal file
17
2001/CVE-2001-0867.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0867)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0895.md
Normal file
17
2001/CVE-2001-0895.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0895](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0895)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/IOS-arp-overwrite-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-0929.md
Normal file
17
2001/CVE-2001-0929.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-0929](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0929)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1037.md
Normal file
17
2001/CVE-2001-1037.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1037](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1037)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/SN-kernel-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1038.md
Normal file
17
2001/CVE-2001-1038.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1038](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1038)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/SN-kernel-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1064.md
Normal file
17
2001/CVE-2001-1064.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1064](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1064)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1065.md
Normal file
17
2001/CVE-2001-1065.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1065)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1105.md
Normal file
17
2001/CVE-2001-1105.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1105](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1105)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/SSL-J-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1183.md
Normal file
17
2001/CVE-2001-1183.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1183](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1183)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/PPTP-vulnerability-pub.html
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2001/CVE-2001-1434.md
Normal file
17
2001/CVE-2001-1434.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2001-1434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1434)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0071.md
Normal file
17
2002/CVE-2002-0071.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0071)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0072.md
Normal file
17
2002/CVE-2002-0072.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0072](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0072)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -11,6 +11,7 @@ The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows att
|
||||
|
||||
#### Reference
|
||||
- http://marc.info/?l=bugtraq&m=101901273810598&w=2
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0074.md
Normal file
17
2002/CVE-2002-0074.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0074](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0074)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0075.md
Normal file
17
2002/CVE-2002-0075.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0075](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0075)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0079.md
Normal file
17
2002/CVE-2002-0079.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0079](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0079)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0083.md
Normal file
17
2002/CVE-2002-0083.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0083)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
|
||||
#### Github
|
||||
- https://github.com/bigb0x/CVE-2024-6387
|
||||
|
||||
17
2002/CVE-2002-0147.md
Normal file
17
2002/CVE-2002-0147.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0147)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -10,6 +10,7 @@ Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A92
|
||||
|
||||
#### Github
|
||||
|
||||
@ -10,6 +10,7 @@ Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allo
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A95
|
||||
|
||||
#### Github
|
||||
|
||||
17
2002/CVE-2002-0150.md
Normal file
17
2002/CVE-2002-0150.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0150)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0159.md
Normal file
17
2002/CVE-2002-0159.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0159)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0160.md
Normal file
17
2002/CVE-2002-0160.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0160)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0339.md
Normal file
17
2002/CVE-2002-0339.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0339](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0339)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0505.md
Normal file
17
2002/CVE-2002-0505.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0505)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/callmanager-ctifw-leak-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0545.md
Normal file
17
2002/CVE-2002-0545.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0545)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/Aironet-Telnet.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0769.md
Normal file
17
2002/CVE-2002-0769.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0769)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0778.md
Normal file
17
2002/CVE-2002-0778.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0778](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0778)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0792.md
Normal file
17
2002/CVE-2002-0792.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0792](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0792)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/css-http-post-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -11,6 +11,7 @@ Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2
|
||||
|
||||
#### Reference
|
||||
- http://marc.info/?l=bugtraq&m=103002169829669&w=2
|
||||
- http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0848.md
Normal file
17
2002/CVE-2002-0848.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0848)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn5k-radius-pap-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0852.md
Normal file
17
2002/CVE-2002-0852.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0852](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0852)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0853.md
Normal file
17
2002/CVE-2002-0853.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0853](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0853)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0870.md
Normal file
17
2002/CVE-2002-0870.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0870)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0880.md
Normal file
17
2002/CVE-2002-0880.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0880)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2."
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0881.md
Normal file
17
2002/CVE-2002-0881.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0881](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0881)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0882.md
Normal file
17
2002/CVE-2002-0882.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0882)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0886.md
Normal file
17
2002/CVE-2002-0886.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0886](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0886)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/CBOS-DoS.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-0952.md
Normal file
17
2002/CVE-2002-0952.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-0952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0952)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/ons-tos-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
@ -10,7 +10,7 @@ Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cau
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
No PoCs from references.
|
||||
- http://www.cisco.com/warp/public/707/SSH-scanning.shtml
|
||||
|
||||
#### Github
|
||||
- https://github.com/phx/cvescan
|
||||
|
||||
17
2002/CVE-2002-1092.md
Normal file
17
2002/CVE-2002-1092.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1092](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1092)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1093.md
Normal file
17
2002/CVE-2002-1093.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1093)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1094.md
Normal file
17
2002/CVE-2002-1094.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1094](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1094)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1095.md
Normal file
17
2002/CVE-2002-1095.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1095](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1095)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1096.md
Normal file
17
2002/CVE-2002-1096.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1096](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1096)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1097.md
Normal file
17
2002/CVE-2002-1097.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1097)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1098.md
Normal file
17
2002/CVE-2002-1098.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1098)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1099.md
Normal file
17
2002/CVE-2002-1099.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1099)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1100.md
Normal file
17
2002/CVE-2002-1100.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1100)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1101.md
Normal file
17
2002/CVE-2002-1101.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1101)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1102.md
Normal file
17
2002/CVE-2002-1102.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1102)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1103.md
Normal file
17
2002/CVE-2002-1103.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1103](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1103)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1104.md
Normal file
17
2002/CVE-2002-1104.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1104)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS).
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
17
2002/CVE-2002-1105.md
Normal file
17
2002/CVE-2002-1105.md
Normal file
@ -0,0 +1,17 @@
|
||||
### [CVE-2002-1105](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1105)
|
||||
|
||||
|
||||
|
||||
|
||||
### Description
|
||||
|
||||
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.
|
||||
|
||||
### POC
|
||||
|
||||
#### Reference
|
||||
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
|
||||
|
||||
#### Github
|
||||
No PoCs found on GitHub currently.
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user