Total
9 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-4654 | 3 Cisco, Openbsd, Teamf1 | 4 Content Services Switch 11000, Webns, Openssh and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. | |||||
CVE-2005-0356 | 9 Alaxala, Cisco, F5 and 6 more | 76 Alaxala Networks, Agent Desktop, Aironet Ap1200 and 73 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | |||||
CVE-2006-4352 | 1 Cisco | 1 Content Services Switch 11000 | 2024-02-28 | 5.0 MEDIUM | N/A |
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | |||||
CVE-2001-0621 | 1 Cisco | 1 Content Services Switch 11000 | 2024-02-28 | 7.5 HIGH | N/A |
The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | |||||
CVE-2003-1132 | 1 Cisco | 2 Content Services Switch 11000, Content Services Switch 11500 | 2024-02-28 | 5.0 MEDIUM | N/A |
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | |||||
CVE-2001-0622 | 1 Cisco | 1 Content Services Switch 11000 | 2024-02-28 | 7.5 HIGH | N/A |
The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | |||||
CVE-2002-0870 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2024-02-28 | 7.5 HIGH | N/A |
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | |||||
CVE-2002-0792 | 1 Cisco | 2 Content Services Switch 11000, Webns | 2024-02-28 | 5.0 MEDIUM | N/A |
The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | |||||
CVE-2004-0352 | 1 Cisco | 4 Content Services Switch 11000, Content Services Switch 11050, Content Services Switch 11150 and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. |