| VID |
29099 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco IOS telnet service has a remote denial of service vulnerability (CISCO bug ID CSCef46191). If a Cisco device is enabled for access via Telnet or reverse Telnet, a remote attacker can trigger this vulnerability by sending a specially crafted TCP packet to a telnet or reverse telnet port of the Cisco device running IOS. Exploitation of this vulnerability may result in the denial of new telnet, reverse telnet, RSH, SSH, SCP, DLSw, protocol translation and HTTP connections to a device running IOS. Other access to the device via the console or SNMP is not affected. The device will remain in this state until the problematic TCP connection is cleared, or the device is reloaded (which will clear the problematic session).
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml
http://www.kb.cert.org/vuls/id/384230
http://www.ciac.org/ciac/bulletins/o-207.shtml
* Platforms Affected:
IOS Release 9.x, 10.x, 11.x and 12.x |
| Recommendation |
Upgrade to the fixed Cisco IOS version, as listed in "Software Versions and Fixes" of Cisco Security Advisory (Cisco Telnet Denial of Service Vulnerability) at http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml .
Upgrades should be obtained through the Software Center on Cisco's worldwide web site at http://www.cisco.com .
For details, see http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml . |
| Related URL |
(CVE) |
| Related URL |
11060 (SecurityFocus) |
| Related URL |
17131 (ISS) |
|
