Catos

catos

Vendor: Cisco • 17 CVEs

CVEs (17)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2008-4963 1Cisco 2Catos Ios Apr 23, 2026 Nov 6, 2008 N/A· v4 N/A· v3 7.1 HIGH· v2 Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or...Show more Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port.Show less
CVE-2007-5651 1Cisco 2Catos Ios Apr 23, 2026 Oct 23, 2007 N/A· v4 N/A· v3 7.1 HIGH· v2 Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco swit...Show more Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet.Show less
CVE-2007-5134 1Cisco 9Catalyst 6500 Catalyst 6500 Ws Svc Nam 1Catalyst 6500 Ws Svc Nam 2+6 more Apr 23, 2026 Sep 27, 2007 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which networ...Show more Cisco Catalyst 6500 and Cisco 7600 series devices use 127/8 IP addresses for Ethernet Out-of-Band Channel (EOBC) internal communication, which might allow remote attackers to send packets to an interface for which network exposure was unintended.Show less
CVE-2006-4775 1Cisco 2Catos Ios Apr 16, 2026 Sep 14, 2006 N/A· v4 N/A· v3 7.8 HIGH· v2 The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x8000000...Show more The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.Show less
CVE-2005-4258 1Cisco 71Catalyst Catalyst 1200 SeriesCatalyst 1900 Series+68 more Apr 16, 2026 Dec 15, 2005 N/A· v4 N/A· v3 7.8 HIGH· v2 Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the...Show more Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID.Show less
CVE-2004-1775 1Cisco 2Catos Ios Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.
CVE-2004-0551 1Cisco 24Catalyst 2901 Catalyst 2902Catalyst 2926+21 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of t...Show more Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."Show less
CVE-2003-1002 1Cisco 9Catalyst 6500 Catalyst 6500 Ws Svc Nam 1Catalyst 6500 Ws Svc Nam 2+6 more Apr 16, 2026 Jan 5, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
CVE-2003-1001 1Cisco 9Catalyst 6500 Catalyst 6500 Ws Svc Nam 1Catalyst 6500 Ws Svc Nam 2+6 more Apr 16, 2026 Jan 5, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ o...Show more Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication.Show less
CVE-2003-0216 1Cisco 1Catos Apr 16, 2026 May 12, 2003 N/A· v4 N/A· v3 9.3 HIGH· v2 Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.
CVE-2002-2316 1Cisco 1Catos Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote a...Show more Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing.Show less
CVE-2002-1222 1Cisco 1Catos Apr 16, 2026 Oct 28, 2002 N/A· v4 N/A· v3 7.1 HIGH· v2 Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
CVE-2002-1024 1Cisco 4Catos Css11000 Content Services SwitchIos+1 more Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 7.1 HIGH· v2 Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0...Show more Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).Show less
CVE-2001-1071 1Cisco 2Catos Ios Apr 16, 2026 Oct 9, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements.
CVE-2001-0429 1Cisco 1Catos Apr 16, 2026 Jul 2, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service.
CVE-2001-0041 1Cisco 1Catos Apr 16, 2026 Feb 16, 2001 N/A· v4 N/A· v3 7.8 HIGH· v2 Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts.
CVE-2000-0267 1Cisco 1Catos Apr 16, 2026 Apr 20, 2000 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password.