Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug ID CSCus44909.

Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408.

Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097.

Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type of TCP traffic flood, aka Bug IDs CSCus50642, CSCus50662, CSCus50625, CSCus50657, and CSCus68315.