VARIoT IoT exploits database
| VAR-E-200012-0075 |
CVE-2001-0041 |
Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak Denial of Service - Hardware dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200102-0077 | EDB ID: 20473 |
Cisco Catalyst 4000 4.x/5.x / Catalyst 5000 4.5/5.x / Catalyst 6000 5.x - Memory Leak Denial of Service. CVE-2001-0041CVE-801 . dos exploit for Hardware platform
| VAR-E-200005-0121 |
CVE-2000-0345 |
Cisco Router Online Help Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-200005-0033 | No EDB ID |
Under certain revisions of IOS multiple Cisco routers have an information leakage vulnerability in their online help systems. In essence this vulnerability allows users who currently have access to the router at a low level of privilege (users without access to the 'enable' password) can use the help system to view information which should only in theory be available to an 'enabled' user. This information is comprised of access lists among other things. The help system itself does not list these items as being available via the 'show' commands yet none the less it will execute them.
The message which detailed this vulnerability to the Bugtraq mailing list is attached in the 'Credit' section of this vulnerability entry. It is suggested that you read it if this vulnerability affects your infrastructure.
| VAR-E-200004-0041 |
CVE-2000-0380 |
Cisco IOS 11.x/12.x - HTTP %% - Hardware remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200004-0061 | EDB ID: 19882 |
Cisco IOS 11.x/12.x - HTTP %%. CVE-2000-0380CVE-1302 . remote exploit for Hardware platform
| VAR-E-200004-0047 | No CVE | Cisco Catalyst Enable Password Bypass Vulnerability | No EDB ID |
Under certain versions of the Cisco Catalyst a user who already has access to the device can elevate their current access to 'enable' mode without a password. Once 'enable' mode is obtained the user can access the configuration mode and commit unauthorized configuration changes on a Catalyst switch.
This can be done either from the console itself or via a remote Telnet session.
| VAR-E-200002-0024 | No CVE | Ascom COLTSOHO / Brocade Fabric OS / MatchBox / Win98/NT4 / Solaris / Xyplex - SNMP World Writeable Community - Multiple remote Exploit | EDB ID: 19751 |
Ascom COLTSOHO / Brocade Fabric OS / MatchBox / Win98/NT4 / Solaris / Xyplex - SNMP World Writeable Community. CVE-92015CVE-92014CVE-92013CVE-92012CVE-92011CVE-92010 . remote exploit for Multiple platform
| VAR-E-199909-0099 |
CVE-1999-0236 | NCSA 1.3/1.4.x/1.5 / Apache HTTPd 0.8.11/0.8.14 - ScriptAlias Source Retrieval - Multiple remote Exploit | EDB ID: 20595 |
NCSA 1.3/1.4.x/1.5 / Apache HTTPd 0.8.11/0.8.14 - ScriptAlias Source Retrieval. CVE-1999-0236CVE-1745 . remote exploit for Multiple platform
| VAR-E-201801-0102 | No CVE | No EDB ID |
| VAR-E-201901-0043 | No CVE | No EDB ID |
| VAR-E-201901-0042 | No CVE | No EDB ID |
| VAR-E-201710-0039 | No CVE | No EDB ID |
| VAR-E-201710-0034 | No CVE | No EDB ID |
| VAR-E-201710-0036 | No CVE | No EDB ID |
| VAR-E-201805-0635 | No CVE | No EDB ID |
| VAR-E-202305-0266 | No CVE | No EDB ID |
| VAR-E-202305-0162 | No CVE | No EDB ID |
| VAR-E-202304-0025 | No CVE | No EDB ID |
| VAR-E-202303-0140 | No CVE | No EDB ID |
| VAR-E-201801-0781 | No CVE | No EDB ID |
| VAR-E-201809-0119 | No CVE | No EDB ID |
| VAR-E-199808-0006 | No CVE | Cisco IOS Remote Router Crash | No EDB ID |
Cisco IOS software is reported prone to a remote denial of service vulnerability. This may allow an attacker to cause a vulnerable device to crash or hang. It is reported that this issue may cause damage to an internal data structure, which could lead to other problems as well. An attacker does not require authentication credentials to exploit this issue, as only access to the login prompt of a device is sufficient to trigger this issue.