Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for content_services_switch_11000 by cisco

    CVE-2006-4352 (GCVE-0-2006-4352)

    Vulnerability from nvd – Published: 2006-08-25 10:00 – Updated: 2024-09-17 04:29
    VLAI
    Summary
    The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/28121 vdb-entryx_refsource_OSVDB
    http://www.cisco.com/warp/public/117/AP_cookies.html x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:07.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-08-25T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28121",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4352",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28121",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28121"
                },
                {
                  "name": "http://www.cisco.com/warp/public/117/AP_cookies.html",
                  "refsource": "MISC",
                  "url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4352",
        "datePublished": "2006-08-25T10:00:00.000Z",
        "dateReserved": "2006-08-24T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:29:23.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0356 (GCVE-0-2005-0356)

    Vulnerability from nvd – Published: 2005-05-31 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/15393 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/637934 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/15417/ third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18662 third-party-advisoryx_refsource_SECUNIA
    ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005… vendor-advisoryx_refsource_SCO
    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories… vendor-advisoryx_refsource_FREEBSD
    http://www.securityfocus.com/bid/13676 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/cisco-sn-200… vendor-advisoryx_refsource_CISCO
    http://secunia.com/advisories/18222 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tcp-ip-timestamp-dos(20635)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
              },
              {
                "name": "15393",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15393"
              },
              {
                "name": "VU#637934",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/637934"
              },
              {
                "name": "15417",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15417/"
              },
              {
                "name": "18662",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18662"
              },
              {
                "name": "SCOSA-2005.64",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt"
              },
              {
                "name": "FreeBSD-SA-05:15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FREEBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc"
              },
              {
                "name": "13676",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13676"
              },
              {
                "name": "20050518 Vulnerability in a Variant of the TCP Timestamps Option",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
              },
              {
                "name": "18222",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18222"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "tcp-ip-timestamp-dos(20635)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
            },
            {
              "name": "15393",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15393"
            },
            {
              "name": "VU#637934",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/637934"
            },
            {
              "name": "15417",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15417/"
            },
            {
              "name": "18662",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18662"
            },
            {
              "name": "SCOSA-2005.64",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt"
            },
            {
              "name": "FreeBSD-SA-05:15",
              "tags": [
                "vendor-advisory",
                "x_refsource_FREEBSD"
              ],
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc"
            },
            {
              "name": "13676",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13676"
            },
            {
              "name": "20050518 Vulnerability in a Variant of the TCP Timestamps Option",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
            },
            {
              "name": "18222",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18222"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0356",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tcp-ip-timestamp-dos(20635)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
                },
                {
                  "name": "15393",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15393"
                },
                {
                  "name": "VU#637934",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/637934"
                },
                {
                  "name": "15417",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15417/"
                },
                {
                  "name": "18662",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18662"
                },
                {
                  "name": "SCOSA-2005.64",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt"
                },
                {
                  "name": "FreeBSD-SA-05:15",
                  "refsource": "FREEBSD",
                  "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc"
                },
                {
                  "name": "13676",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13676"
                },
                {
                  "name": "20050518 Vulnerability in a Variant of the TCP Timestamps Option",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
                },
                {
                  "name": "18222",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18222"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0356",
        "datePublished": "2005-05-31T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0352 (GCVE-0-2004-0352)

    Vulnerability from nvd – Published: 2004-03-18 05:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/9806 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://www.kb.cert.org/vuls/id/363374 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-03-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.260Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-css-udp-dos(15388)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15388"
              },
              {
                "name": "9806",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9806"
              },
              {
                "name": "20040304 Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml"
              },
              {
                "name": "VU#363374",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/363374"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cisco-css-udp-dos(15388)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15388"
            },
            {
              "name": "9806",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9806"
            },
            {
              "name": "20040304 Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml"
            },
            {
              "name": "VU#363374",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/363374"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0352",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cisco-css-udp-dos(15388)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15388"
                },
                {
                  "name": "9806",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9806"
                },
                {
                  "name": "20040304 Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml"
                },
                {
                  "name": "VU#363374",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/363374"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0352",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1132 (GCVE-0-2003-1132)

    Vulnerability from nvd – Published: 2005-04-21 04:00 – Updated: 2024-09-16 16:18
    VLAI
    Summary
    The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://www.kb.cert.org/vuls/id/714121 third-party-advisoryx_refsource_CERT-VN
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:19:45.937Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml"
              },
              {
                "name": "VU#714121",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/714121"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-04-21T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml"
            },
            {
              "name": "VU#714121",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/714121"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1132",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml"
                },
                {
                  "name": "VU#714121",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/714121"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1132",
        "datePublished": "2005-04-21T04:00:00.000Z",
        "dateReserved": "2005-04-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:18:43.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0870 (GCVE-0-2002-0870)

    Vulnerability from nvd – Published: 2002-08-20 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cisco.com/warp/public/707/arrowpoint-w… vendor-advisoryx_refsource_CISCO
    Date Public
    2002-08-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:49.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020814 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-08-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-08-31T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020814 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0870",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020814 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0870",
        "datePublished": "2002-08-20T04:00:00.000Z",
        "dateReserved": "2002-08-16T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:49.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0792 (GCVE-0-2002-0792)

    Vulnerability from nvd – Published: 2002-07-26 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/330275 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/4747 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/686939 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/4748 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/css-http-pos… vendor-advisoryx_refsource_CISCO
    http://www.iss.net/security_center/static/9083.php vdb-entryx_refsource_XF
    Date Public
    2002-05-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:48.552Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#330275",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/330275"
              },
              {
                "name": "4747",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4747"
              },
              {
                "name": "VU#686939",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/686939"
              },
              {
                "name": "4748",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4748"
              },
              {
                "name": "20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/css-http-post-pub.shtml"
              },
              {
                "name": "cisco-css-http-dos(9083)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9083.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-05-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-03-13T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "VU#330275",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/330275"
            },
            {
              "name": "4747",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4747"
            },
            {
              "name": "VU#686939",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/686939"
            },
            {
              "name": "4748",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4748"
            },
            {
              "name": "20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/css-http-post-pub.shtml"
            },
            {
              "name": "cisco-css-http-dos(9083)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9083.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0792",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#330275",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/330275"
                },
                {
                  "name": "4747",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4747"
                },
                {
                  "name": "VU#686939",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/686939"
                },
                {
                  "name": "4748",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4748"
                },
                {
                  "name": "20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/css-http-post-pub.shtml"
                },
                {
                  "name": "cisco-css-http-dos(9083)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9083.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0792",
        "datePublished": "2002-07-26T04:00:00.000Z",
        "dateReserved": "2002-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:48.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0622 (GCVE-0-2001-0622)

    Vulnerability from nvd – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
    VLAI
    Summary
    The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/1848 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/2806 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/arrowpoint-w… vendor-advisoryx_refsource_CISCO
    Date Public
    2001-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:30:06.057Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-css-web-management(6631)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6631"
              },
              {
                "name": "1848",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/1848"
              },
              {
                "name": "2806",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2806"
              },
              {
                "name": "20010531 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-03-01T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cisco-css-web-management(6631)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6631"
            },
            {
              "name": "1848",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/1848"
            },
            {
              "name": "2806",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2806"
            },
            {
              "name": "20010531 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0622",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cisco-css-web-management(6631)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6631"
                },
                {
                  "name": "1848",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/1848"
                },
                {
                  "name": "2806",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2806"
                },
                {
                  "name": "20010531 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0622",
        "datePublished": "2002-03-09T05:00:00.000Z",
        "dateReserved": "2001-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:30:06.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0621 (GCVE-0-2001-0621)

    Vulnerability from nvd – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
    VLAI
    Summary
    The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ciac.org/ciac/bulletins/l-085.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/2745 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/arrowpoint-f… vendor-advisoryx_refsource_CISCO
    http://www.osvdb.org/1834 vdb-entryx_refsource_OSVDB
    Date Public
    2001-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:30:05.966Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "L-085",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/l-085.shtml"
              },
              {
                "name": "cisco-css-ftp-commands(6557)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6557"
              },
              {
                "name": "2745",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2745"
              },
              {
                "name": "20010517 Cisco Content Service Switch 11000 Series FTP Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml"
              },
              {
                "name": "1834",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/1834"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-03-01T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "L-085",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/l-085.shtml"
            },
            {
              "name": "cisco-css-ftp-commands(6557)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6557"
            },
            {
              "name": "2745",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2745"
            },
            {
              "name": "20010517 Cisco Content Service Switch 11000 Series FTP Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml"
            },
            {
              "name": "1834",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/1834"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0621",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "L-085",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/l-085.shtml"
                },
                {
                  "name": "cisco-css-ftp-commands(6557)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6557"
                },
                {
                  "name": "2745",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2745"
                },
                {
                  "name": "20010517 Cisco Content Service Switch 11000 Series FTP Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml"
                },
                {
                  "name": "1834",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/1834"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0621",
        "datePublished": "2002-03-09T05:00:00.000Z",
        "dateReserved": "2001-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:30:05.966Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4352 (GCVE-0-2006-4352)

    Vulnerability from cvelistv5 – Published: 2006-08-25 10:00 – Updated: 2024-09-17 04:29
    VLAI
    Summary
    The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/28121 vdb-entryx_refsource_OSVDB
    http://www.cisco.com/warp/public/117/AP_cookies.html x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:06:07.627Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "28121",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/28121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-08-25T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "28121",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/28121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4352",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "28121",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/28121"
                },
                {
                  "name": "http://www.cisco.com/warp/public/117/AP_cookies.html",
                  "refsource": "MISC",
                  "url": "http://www.cisco.com/warp/public/117/AP_cookies.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4352",
        "datePublished": "2006-08-25T10:00:00.000Z",
        "dateReserved": "2006-08-24T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:29:23.834Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-0356 (GCVE-0-2005-0356)

    Vulnerability from cvelistv5 – Published: 2005-05-31 04:00 – Updated: 2024-08-07 21:13
    VLAI
    Summary
    Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/15393 third-party-advisoryx_refsource_SECUNIA
    http://www.kb.cert.org/vuls/id/637934 third-party-advisoryx_refsource_CERT-VN
    http://secunia.com/advisories/15417/ third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/18662 third-party-advisoryx_refsource_SECUNIA
    ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005… vendor-advisoryx_refsource_SCO
    ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories… vendor-advisoryx_refsource_FREEBSD
    http://www.securityfocus.com/bid/13676 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/cisco-sn-200… vendor-advisoryx_refsource_CISCO
    http://secunia.com/advisories/18222 third-party-advisoryx_refsource_SECUNIA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    Date Public
    2005-05-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T21:13:53.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tcp-ip-timestamp-dos(20635)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
              },
              {
                "name": "15393",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15393"
              },
              {
                "name": "VU#637934",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/637934"
              },
              {
                "name": "15417",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15417/"
              },
              {
                "name": "18662",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18662"
              },
              {
                "name": "SCOSA-2005.64",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SCO",
                  "x_transferred"
                ],
                "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt"
              },
              {
                "name": "FreeBSD-SA-05:15",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FREEBSD",
                  "x_transferred"
                ],
                "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc"
              },
              {
                "name": "13676",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/13676"
              },
              {
                "name": "20050518 Vulnerability in a Variant of the TCP Timestamps Option",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
              },
              {
                "name": "18222",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18222"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-05-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "tcp-ip-timestamp-dos(20635)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
            },
            {
              "name": "15393",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15393"
            },
            {
              "name": "VU#637934",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/637934"
            },
            {
              "name": "15417",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15417/"
            },
            {
              "name": "18662",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18662"
            },
            {
              "name": "SCOSA-2005.64",
              "tags": [
                "vendor-advisory",
                "x_refsource_SCO"
              ],
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt"
            },
            {
              "name": "FreeBSD-SA-05:15",
              "tags": [
                "vendor-advisory",
                "x_refsource_FREEBSD"
              ],
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc"
            },
            {
              "name": "13676",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/13676"
            },
            {
              "name": "20050518 Vulnerability in a Variant of the TCP Timestamps Option",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
            },
            {
              "name": "18222",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18222"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2005-0356",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tcp-ip-timestamp-dos(20635)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20635"
                },
                {
                  "name": "15393",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15393"
                },
                {
                  "name": "VU#637934",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/637934"
                },
                {
                  "name": "15417",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15417/"
                },
                {
                  "name": "18662",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18662"
                },
                {
                  "name": "SCOSA-2005.64",
                  "refsource": "SCO",
                  "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt"
                },
                {
                  "name": "FreeBSD-SA-05:15",
                  "refsource": "FREEBSD",
                  "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc"
                },
                {
                  "name": "13676",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/13676"
                },
                {
                  "name": "20050518 Vulnerability in a Variant of the TCP Timestamps Option",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml"
                },
                {
                  "name": "18222",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18222"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2005-0356",
        "datePublished": "2005-05-31T04:00:00.000Z",
        "dateReserved": "2005-02-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T21:13:53.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-1132 (GCVE-0-2003-1132)

    Vulnerability from cvelistv5 – Published: 2005-04-21 04:00 – Updated: 2024-09-16 16:18
    VLAI
    Summary
    The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://www.kb.cert.org/vuls/id/714121 third-party-advisoryx_refsource_CERT-VN
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:19:45.937Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml"
              },
              {
                "name": "VU#714121",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/714121"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-04-21T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml"
            },
            {
              "name": "VU#714121",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/714121"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-1132",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or \"Name Error\") instead of response code 0 (\"No Error\"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20030430-dns.shtml"
                },
                {
                  "name": "VU#714121",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/714121"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-1132",
        "datePublished": "2005-04-21T04:00:00.000Z",
        "dateReserved": "2005-04-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:18:43.199Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0352 (GCVE-0-2004-0352)

    Vulnerability from cvelistv5 – Published: 2004-03-18 05:00 – Updated: 2024-08-08 00:17
    VLAI
    Summary
    Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/9806 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/cisco-sa-200… vendor-advisoryx_refsource_CISCO
    http://www.kb.cert.org/vuls/id/363374 third-party-advisoryx_refsource_CERT-VN
    Date Public
    2004-03-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:17:14.260Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-css-udp-dos(15388)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15388"
              },
              {
                "name": "9806",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/9806"
              },
              {
                "name": "20040304 Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml"
              },
              {
                "name": "VU#363374",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/363374"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-03-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cisco-css-udp-dos(15388)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15388"
            },
            {
              "name": "9806",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/9806"
            },
            {
              "name": "20040304 Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml"
            },
            {
              "name": "VU#363374",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/363374"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0352",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cisco-css-udp-dos(15388)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15388"
                },
                {
                  "name": "9806",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/9806"
                },
                {
                  "name": "20040304 Cisco CSS 11000 Series Content Services Switches Malformed UDP Packet Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040304-css.shtml"
                },
                {
                  "name": "VU#363374",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/363374"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0352",
        "datePublished": "2004-03-18T05:00:00.000Z",
        "dateReserved": "2004-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:17:14.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0870 (GCVE-0-2002-0870)

    Vulnerability from cvelistv5 – Published: 2002-08-20 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cisco.com/warp/public/707/arrowpoint-w… vendor-advisoryx_refsource_CISCO
    Date Public
    2002-08-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:49.292Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20020814 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-08-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-08-31T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20020814 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0870",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20020814 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0870",
        "datePublished": "2002-08-20T04:00:00.000Z",
        "dateReserved": "2002-08-16T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:49.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0792 (GCVE-0-2002-0792)

    Vulnerability from cvelistv5 – Published: 2002-07-26 04:00 – Updated: 2024-08-08 03:03
    VLAI
    Summary
    The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.kb.cert.org/vuls/id/330275 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/4747 vdb-entryx_refsource_BID
    http://www.kb.cert.org/vuls/id/686939 third-party-advisoryx_refsource_CERT-VN
    http://www.securityfocus.com/bid/4748 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/css-http-pos… vendor-advisoryx_refsource_CISCO
    http://www.iss.net/security_center/static/9083.php vdb-entryx_refsource_XF
    Date Public
    2002-05-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:03:48.552Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "VU#330275",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/330275"
              },
              {
                "name": "4747",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4747"
              },
              {
                "name": "VU#686939",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/686939"
              },
              {
                "name": "4748",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4748"
              },
              {
                "name": "20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/css-http-post-pub.shtml"
              },
              {
                "name": "cisco-css-http-dos(9083)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9083.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-05-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-03-13T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "VU#330275",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/330275"
            },
            {
              "name": "4747",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4747"
            },
            {
              "name": "VU#686939",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/686939"
            },
            {
              "name": "4748",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4748"
            },
            {
              "name": "20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/css-http-post-pub.shtml"
            },
            {
              "name": "cisco-css-http-dos(9083)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9083.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0792",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "VU#330275",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/330275"
                },
                {
                  "name": "4747",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4747"
                },
                {
                  "name": "VU#686939",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/686939"
                },
                {
                  "name": "4748",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4748"
                },
                {
                  "name": "20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/css-http-post-pub.shtml"
                },
                {
                  "name": "cisco-css-http-dos(9083)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9083.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0792",
        "datePublished": "2002-07-26T04:00:00.000Z",
        "dateReserved": "2002-07-25T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:03:48.552Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0622 (GCVE-0-2001-0622)

    Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
    VLAI
    Summary
    The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/1848 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/2806 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/arrowpoint-w… vendor-advisoryx_refsource_CISCO
    Date Public
    2001-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:30:06.057Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-css-web-management(6631)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6631"
              },
              {
                "name": "1848",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/1848"
              },
              {
                "name": "2806",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2806"
              },
              {
                "name": "20010531 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-03-01T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "cisco-css-web-management(6631)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6631"
            },
            {
              "name": "1848",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/1848"
            },
            {
              "name": "2806",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2806"
            },
            {
              "name": "20010531 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0622",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "cisco-css-web-management(6631)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6631"
                },
                {
                  "name": "1848",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/1848"
                },
                {
                  "name": "2806",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2806"
                },
                {
                  "name": "20010531 Cisco Content Service Switch 11000 Series Web Management Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0622",
        "datePublished": "2002-03-09T05:00:00.000Z",
        "dateReserved": "2001-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:30:06.057Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2001-0621 (GCVE-0-2001-0621)

    Vulnerability from cvelistv5 – Published: 2002-03-09 05:00 – Updated: 2024-08-08 04:30
    VLAI
    Summary
    The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.ciac.org/ciac/bulletins/l-085.shtml third-party-advisorygovernment-resourcex_refsource_CIAC
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/2745 vdb-entryx_refsource_BID
    http://www.cisco.com/warp/public/707/arrowpoint-f… vendor-advisoryx_refsource_CISCO
    http://www.osvdb.org/1834 vdb-entryx_refsource_OSVDB
    Date Public
    2001-05-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T04:30:05.966Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "L-085",
                "tags": [
                  "third-party-advisory",
                  "government-resource",
                  "x_refsource_CIAC",
                  "x_transferred"
                ],
                "url": "http://www.ciac.org/ciac/bulletins/l-085.shtml"
              },
              {
                "name": "cisco-css-ftp-commands(6557)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6557"
              },
              {
                "name": "2745",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/2745"
              },
              {
                "name": "20010517 Cisco Content Service Switch 11000 Series FTP Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml"
              },
              {
                "name": "1834",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/1834"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2001-05-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-03-01T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "L-085",
              "tags": [
                "third-party-advisory",
                "government-resource",
                "x_refsource_CIAC"
              ],
              "url": "http://www.ciac.org/ciac/bulletins/l-085.shtml"
            },
            {
              "name": "cisco-css-ftp-commands(6557)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6557"
            },
            {
              "name": "2745",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/2745"
            },
            {
              "name": "20010517 Cisco Content Service Switch 11000 Series FTP Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml"
            },
            {
              "name": "1834",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/1834"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2001-0621",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "L-085",
                  "refsource": "CIAC",
                  "url": "http://www.ciac.org/ciac/bulletins/l-085.shtml"
                },
                {
                  "name": "cisco-css-ftp-commands(6557)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6557"
                },
                {
                  "name": "2745",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/2745"
                },
                {
                  "name": "20010517 Cisco Content Service Switch 11000 Series FTP Vulnerability",
                  "refsource": "CISCO",
                  "url": "http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml"
                },
                {
                  "name": "1834",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/1834"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2001-0621",
        "datePublished": "2002-03-09T05:00:00.000Z",
        "dateReserved": "2001-07-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T04:30:05.966Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }