Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.
CVSS Score
10.0
EPSS Score
0.041
Published
2002-12-23
Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).
CVSS Score
7.1
EPSS Score
0.014
Published
2002-10-04
Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.
CVSS Score
5.0
EPSS Score
0.023
Published
2002-06-25
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
CVSS Score
9.3
EPSS Score
0.935
Published
2001-07-21
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
CVSS Score
7.5
EPSS Score
0.04
Published
2001-05-03
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
CVSS Score
5.0
EPSS Score
0.006
Published
2001-02-28
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
CVSS Score
5.0
EPSS Score
0.008
Published
2000-05-30
The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-05-03
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
CVSS Score
7.1
EPSS Score
0.851
Published
2000-04-26
In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.
CVSS Score
5.0
EPSS Score
0.006
Published
1999-04-01