Filtered by vendor Cisco
Subscriptions
Total
6253 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4241 | 2 Cisco, Hp | 2 Local Director, Hp-ux | 2024-11-21 | N/A |
| Buffer overflow in ldcconn in Hewlett-Packard (HP) Controller for Cisco Local Director on HP-UX 11.11i allows remote attackers to execute arbitrary code via a long string to TCP port 17781. | ||||
| CVE-2007-4012 | 1 Cisco | 6 4100 Wireless Lan Controller, 4400 Wireless Lan Controller, Airespace 4000 Wireless Lan Controller and 3 more | 2024-11-21 | N/A |
| Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374. | ||||
| CVE-2007-4011 | 1 Cisco | 6 4100 Wireless Lan Controller, 4400 Wireless Lan Controller, Airespace 4000 Wireless Lan Controller and 3 more | 2024-11-21 | N/A |
| Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841. | ||||
| CVE-2007-3923 | 1 Cisco | 3 Wide Area Application Engine, Wide Area Application Engine Nm-wae-502, Wide Area Application Services | 2024-11-21 | N/A |
| The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445. | ||||
| CVE-2007-3776 | 1 Cisco | 2 Unified Communications Manager, Unified Presence Server | 2024-11-21 | N/A |
| Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. | ||||
| CVE-2007-3775 | 1 Cisco | 2 Unified Communications Manager, Unified Presence Server | 2024-11-21 | N/A |
| Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985. | ||||
| CVE-2007-3184 | 2 Apple, Cisco | 2 Mac Os X, Trust Agent | 2024-11-21 | N/A |
| Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation. | ||||
| CVE-2007-2832 | 1 Cisco | 1 Call Manager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors. | ||||
| CVE-2007-2813 | 1 Cisco | 1 Ios Transmission Control Protocol | 2024-11-21 | N/A |
| Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. | ||||
| CVE-2007-2688 | 1 Cisco | 2 Ios, Ips Sensor Software | 2024-11-21 | N/A |
| The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. | ||||
| CVE-2007-2587 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
| The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). | ||||
| CVE-2007-2586 | 1 Cisco | 1 Ios | 2024-11-21 | N/A |
| The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. | ||||
| CVE-2007-2464 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix | 2024-11-21 | N/A |
| Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." | ||||
| CVE-2007-2463 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix | 2024-11-21 | N/A |
| Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. | ||||
| CVE-2007-2462 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix | 2024-11-21 | N/A |
| Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. | ||||
| CVE-2007-2461 | 1 Cisco | 2 Adaptive Security Appliance Software, Pix | 2024-11-21 | N/A |
| The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used. | ||||
| CVE-2007-2282 | 1 Cisco | 1 Netflow Collection Engine | 2024-11-21 | N/A |
| Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system. | ||||
| CVE-2007-2041 | 1 Cisco | 2 2100 Wireless Lan Controller, 4400 Wireless Lan Controller | 2024-11-21 | N/A |
| Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195. | ||||
| CVE-2007-2040 | 1 Cisco | 3 Aironet 1000-series, Aironet 1500-series, Wireless Lan Controller Software | 2024-11-21 | N/A |
| Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192. | ||||
| CVE-2007-2039 | 1 Cisco | 1 Wireless Lan Controller Software | 2024-11-21 | N/A |
| The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841. | ||||