ID |
CVE-2004-1111
|
Summary |
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:o:cisco:ios:12.2\(14\)sz:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(14\)sz:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(18\)ew:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)ew:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(18\)ewa:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)ewa:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(18\)s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)s:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(18\)se:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)se:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(18\)sv:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)sv:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(18\)sw:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)sw:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2\(20\)ew:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(20\)ew:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*
-
cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 11-10-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
oval
via4
|
accepted | 2008-09-08T04:00:31.343-04:00 | class | vulnerability | contributors | name | Yuzheng Zhou | organization | Hewlett-Packard |
| description | Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. | family | ios | id | oval:org.mitre.oval:def:5632 | status | accepted | submitted | 2008-05-26T11:06:36.000-04:00 | title | Cisco Systems IOS DHCP Input Queue DoS Vulnerability | version | 3 |
|
refmap
via4
|
cert | TA04-316A | cert-vn | VU#630104 | ciac | P-034 | cisco | 20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service | xf | cisco-ios-dhcp-dos(18021) |
|
Last major update |
11-10-2017 - 01:29 |
Published |
10-01-2005 - 05:00 |
Last modified |
11-10-2017 - 01:29 |