Update CVE sources 2024-07-25 21:25

2026-02-12 18:42:46 +00:00 · 2024-07-25 21:25:12 +00:00
parent 1dc77909f8
commit d6bcaa53f2
1879 changed files with 18812 additions and 361 deletions
--- a/2002/CVE-2002-0071.md
+++ b/2002/CVE-2002-0071.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0071](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0071)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0072.md
+++ b/2002/CVE-2002-0072.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0072](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0072)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0073.md
+++ b/2002/CVE-2002-0073.md
@@ -11,6 +11,7 @@ The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows att

 #### Reference
 - http://marc.info/?l=bugtraq&m=101901273810598&w=2
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml

 #### Github
 No PoCs found on GitHub currently.
--- a/2002/CVE-2002-0074.md
+++ b/2002/CVE-2002-0074.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0074](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0074)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0075.md
+++ b/2002/CVE-2002-0075.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0075](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0075)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0079.md
+++ b/2002/CVE-2002-0079.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0079](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0079)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0083.md
+++ b/2002/CVE-2002-0083.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0083](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0083)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/bigb0x/CVE-2024-6387
+
--- a/2002/CVE-2002-0147.md
+++ b/2002/CVE-2002-0147.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0147)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the ASP data transfer mechanism in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to cause a denial of service or execute code, aka "Microsoft-discovered variant of Chunked Encoding buffer overrun."
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0148.md
+++ b/2002/CVE-2002-0148.md
@@ -10,6 +10,7 @@ Cross-site scripting vulnerability in Internet Information Server (IIS) 4.0, 5.0
 ### POC

 #### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
 - https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A92

 #### Github
--- a/2002/CVE-2002-0149.md
+++ b/2002/CVE-2002-0149.md
@@ -10,6 +10,7 @@ Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allo
 ### POC

 #### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
 - https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A95

 #### Github
--- a/2002/CVE-2002-0150.md
+++ b/2002/CVE-2002-0150.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0150)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to spoof the safety check for HTTP headers and cause a denial of service or execute arbitrary code via HTTP header field values.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Microsoft-IIS-vulnerabilities-MS02-018.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0159.md
+++ b/2002/CVE-2002-0159.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0159](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0159)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN  module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0160.md
+++ b/2002/CVE-2002-0160.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0160](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0160)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0339.md
+++ b/2002/CVE-2002-0339.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0339](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0339)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/IOS-CEF-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0505.md
+++ b/2002/CVE-2002-0505.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0505)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/callmanager-ctifw-leak-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0545.md
+++ b/2002/CVE-2002-0545.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0545](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0545)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Aironet-Telnet.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0769.md
+++ b/2002/CVE-2002-0769.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0769](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0769)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0778.md
+++ b/2002/CVE-2002-0778.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0778](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0778)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0792.md
+++ b/2002/CVE-2002-0792.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0792](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0792)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/css-http-post-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0813.md
+++ b/2002/CVE-2002-0813.md
@@ -11,6 +11,7 @@ Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2

 #### Reference
 - http://marc.info/?l=bugtraq&m=103002169829669&w=2
+- http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml

 #### Github
 No PoCs found on GitHub currently.
--- a/2002/CVE-2002-0848.md
+++ b/2002/CVE-2002-0848.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0848)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn5k-radius-pap-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0852.md
+++ b/2002/CVE-2002-0852.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0852](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0852)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0853.md
+++ b/2002/CVE-2002-0853.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0853](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0853)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0870.md
+++ b/2002/CVE-2002-0870.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0870)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0880.md
+++ b/2002/CVE-2002-0880.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0880)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2."
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0881.md
+++ b/2002/CVE-2002-0881.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0881](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0881)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0882.md
+++ b/2002/CVE-2002-0882.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0882)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/multiple-ip-phone-vulnerabilities-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0886.md
+++ b/2002/CVE-2002-0886.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0886](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0886)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/CBOS-DoS.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-0952.md
+++ b/2002/CVE-2002-0952.md
@@ -0,0 +1,17 @@
+### [CVE-2002-0952](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0952)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-tos-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1024.md
+++ b/2002/CVE-2002-1024.md
@@ -10,7 +10,7 @@ Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cau
 ### POC

 #### Reference
-No PoCs from references.
+- http://www.cisco.com/warp/public/707/SSH-scanning.shtml

 #### Github
 - https://github.com/phx/cvescan
--- a/2002/CVE-2002-1092.md
+++ b/2002/CVE-2002-1092.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1092](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1092)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1093.md
+++ b/2002/CVE-2002-1093.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1093](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1093)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1094.md
+++ b/2002/CVE-2002-1094.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1094](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1094)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1095.md
+++ b/2002/CVE-2002-1095.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1095](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1095)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1096.md
+++ b/2002/CVE-2002-1096.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1096](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1096)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1097.md
+++ b/2002/CVE-2002-1097.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1097)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1098.md
+++ b/2002/CVE-2002-1098.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1098)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1099.md
+++ b/2002/CVE-2002-1099.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1099)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1100.md
+++ b/2002/CVE-2002-1100.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1100)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1101.md
+++ b/2002/CVE-2002-1101.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1101)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1102.md
+++ b/2002/CVE-2002-1102.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1102](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1102)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1103.md
+++ b/2002/CVE-2002-1103.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1103](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1103)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1104.md
+++ b/2002/CVE-2002-1104.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1104](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1104)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS).
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1105.md
+++ b/2002/CVE-2002-1105.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1105](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1105)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1106.md
+++ b/2002/CVE-2002-1106.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1106](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1106)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1107.md
+++ b/2002/CVE-2002-1107.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1107](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1107)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1108.md
+++ b/2002/CVE-2002-1108.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1108)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1131.md
+++ b/2002/CVE-2002-1131.md
@@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/0xget/cve-2001-1473
 - https://github.com/ARPSyndicate/kenzer-templates
 - https://github.com/POORVAJA-195/Nuclei-Analysis-main
+- https://github.com/gnarkill78/CSA_S2_2024

--- a/2002/CVE-2002-1137.md
+++ b/2002/CVE-2002-1137.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1137](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1137)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1145.md
+++ b/2002/CVE-2002-1145.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1145](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1145)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an attacker to gain privileges by updating a webtask that is owned by the database owner through the msdb.dbo.mswebtasks table, which does not have strong permissions.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/cisco-sa-20030126-ms02-061.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1189.md
+++ b/2002/CVE-2002-1189.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1189](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1189)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in the predefined restriction tables, which could allow authenticated users to place international calls using call forwarding.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/toll-fraud-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1190.md
+++ b/2002/CVE-2002-1190.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1190)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to gain access and place arbitrary calls.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/toll-fraud-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1222.md
+++ b/2002/CVE-2002-1222.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1222](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1222)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/catos-http-overflow-vuln.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1447.md
+++ b/2002/CVE-2002-1447.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1447](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1447)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/cisco-unix-vpnclient-buffer-overflow-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1491.md
+++ b/2002/CVE-2002-1491.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1491](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1491)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1492.md
+++ b/2002/CVE-2002-1492.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1492](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1492)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1553.md
+++ b/2002/CVE-2002-1553.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1553](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1553)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system configuration and delete files by establishing an FTP connection to the TCC, TCC+ or XTC using a username and password that does not exist.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1554.md
+++ b/2002/CVE-2002-1554.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1554](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1554)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1555.md
+++ b/2002/CVE-2002-1555.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1555](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1555)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot be changed, which allows remote attackers to obtain sensitive information.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1556.md
+++ b/2002/CVE-2002-1556.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1556)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset) via an HTTP request to the TCC, TCC+ or XTC, in which the request contains an invalid CORBA Interoperable Object Reference (IOR).
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1557.md
+++ b/2002/CVE-2002-1557.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1557](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1557)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1558.md
+++ b/2002/CVE-2002-1558.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1558](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1558)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System in the TCC, TCC+ and XTC that cannot be changed or disabled, which allows remote attackers to gain privileges by connecting to the account via Telnet.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/ons-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1595.md
+++ b/2002/CVE-2002-1595.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1595](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1595)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1596.md
+++ b/2002/CVE-2002-1596.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1596)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1597.md
+++ b/2002/CVE-2002-1597.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1597](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1597)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-1706.md
+++ b/2002/CVE-2002-1706.md
@@ -0,0 +1,17 @@
+### [CVE-2002-1706](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1706)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/cmts-MD5-bypass-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-2037.md
+++ b/2002/CVE-2002-2037.md
@@ -0,0 +1,17 @@
+### [CVE-2002-2037](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2037)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/Solaris-for-MGC-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-2139.md
+++ b/2002/CVE-2002-2139.md
@@ -0,0 +1,17 @@
+### [CVE-2002-2139](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2139)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-2140.md
+++ b/2002/CVE-2002-2140.md
@@ -0,0 +1,17 @@
+### [CVE-2002-2140](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2140)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-2208.md
+++ b/2002/CVE-2002-2208.md
@@ -0,0 +1,17 @@
+### [CVE-2002-2208](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2208)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/eigrp_issue.pdf
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2002/CVE-2002-2239.md
+++ b/2002/CVE-2002-2239.md
@@ -0,0 +1,17 @@
+### [CVE-2002-2239](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2239)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet.
+
+### POC
+
+#### Reference
+- http://www.cisco.com/warp/public/707/osm-lc-ios-pkt-vuln-pub.shtml
+
+#### Github
+No PoCs found on GitHub currently.
+