Product:

Ios

(Cisco)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 599
Date Id Summary Products Score Patch Annotated
2007-05-10 CVE-2007-2586 The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. Ios N/A
2008-10-20 CVE-2008-4609 The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Bsd, Bsd_os, Catalyst_blade_switch_3020_firmware, Catalyst_blade_switch_3120_firmware, Catalyst_blade_switch_3120x_firmware, Ios, Dragonflybsd, Freebsd, Linux_kernel, Windows_2000, Windows_server_2003, Windows_server_2008, Windows_vista, Windows_xp, Midnightbsd, Netbsd, Openbsd, Solaris, Trustedbsd N/A
2019-05-13 CVE-2019-1649 A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the... 15454\-M\-Wse\-K9_firmware, Analog_voice_network_interface_modules_firmware, Asa_5500_firmware, Asr_1000_series_firmware, Asr_1001_firmware, Catalyst_9800\-40_wireless_controller_firmware, Catalyst_9800\-80_wireless_controller_firmware, Encs_5100_firmware, Encs_5400_firmware, Firepower_2100_firmware, Firepower_4000_firmware, Firepower_9000_firmware, Ic3000\-K9_firmware, Industrial_security_appliances_3000_firmware, Integrated_services_router_4200_firmware, Integrated_services_router_4300_firmware, Integrated_services_router_4400_firmware, Integrated_services_router_t1\/e1_voice_and_wan_network_interface_modules_firmware, Ios, Ios_xe, Ios_xr, Ncs2k\-Mr\-Mxp\-K9_firmware, Nx\-Os, Ons_15454_mstp_firmware, Sm\-X\-1t3\/e3_firmware, Supervisor_a\+_firmware, Supervisor_b\+_firmware 6.7
1997-08-01 CVE-1999-0524 ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. Mac_os_x, Macos, Ios, Hp\-Ux, Tru64, Aix, Os2, Linux_kernel, Windows, Netware, Solaris, Sco_unix, Irix, Bsdos N/A
2008-09-26 CVE-2008-3804 Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. Ios N/A
2004-08-06 CVE-2004-0589 Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. Ios N/A
1998-08-12 CVE-1999-0159 Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. Ios N/A
1998-09-01 CVE-1999-0162 The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. Ios N/A
1999-01-11 CVE-1999-0063 Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. Ios N/A
1999-06-10 CVE-1999-0775 Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. Ios N/A