Summary
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2001-02-16 |
| Product | Catos | Last view | 2005-12-15 |
| Version | 5.5 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:cisco:catos | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2005-12-15 | CVE-2005-4258 | Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. |
| 5 | 2004-12-31 | CVE-2004-1775 | Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. |
| 5 | 2004-08-06 | CVE-2004-0551 | Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack." |
| 7.1 | 2002-10-28 | CVE-2002-1222 | Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. |
| 7.8 | 2001-02-16 | CVE-2001-0041 | Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (1) | CWE-399 | Resource Management Errors |
| 50% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 58150 | Cisco CatOS View-based Access Control MIB (VACM) read-write Community String ... |
| 8875 | Cisco Catalyst Switches Embeded HTTP Server Long HTTP Request DoS |
| 6829 | Cisco CatOS TCP-ACK Remote DoS |
| 801 | Cisco Catalyst Telnetd Authentication Failure Saturation Memory Leak Remote DoS |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2010-09-01 | Name: The remote device is missing a vendor-supplied security patch File: cisco-sa-20010228-ios-snmp-communityhttp.nasl - Type: ACT_GATHER_INFO |
| 2004-06-11 | Name: The remote device is missing a vendor-supplied security patch. File: CSCec42751.nasl - Type: ACT_GATHER_INFO |
| 2003-02-28 | Name: The remote device is missing a vendor-supplied security patch. File: CSCdy26428.nasl - Type: ACT_GATHER_INFO |
| 2002-06-05 | Name: The remote device is missing a vendor-supplied security patch. File: CSCds66191.nasl - Type: ACT_GATHER_INFO |
| 2001-06-15 | Name: The SNMP private community strings can be retrieved using SNMP. File: snmp_vacm.nasl - Type: ACT_GATHER_INFO |
