Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.

Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.

The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.

The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.

In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters.

Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port.