Follow @discotekdotca
CVE-2000-0268
Current Description
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.
Basic Data
| Published | April 20, 2000 |
|---|---|
| Last Modified | September 10, 2008 |
| Assigner | cve@mitre.org |
| Data Type | CVE |
| Data Format | MITRE |
| Data Version | 4.0 |
| Problem Type | NVD-CWE-Other |
| CVE Data Version | 4.0 |
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|---|
| CVSS 2 - Vector String | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| CVSS 2 - Access Vector | NETWORK |
| CVSS 2 - Access Complexity | LOW |
| CVSS 2 - Authentication | NONE |
| CVSS 2 - Confidentiality Impact | NONE |
| CVSS 2 - Availability Impact | PARTIAL |
| CVSS 2 - Base Score | 5.0 |
| Severity | MEDIUM |
| Exploitability Score | 10.0 |
| Impact Score | 2.9 |
| Obtain All Privilege | false |
| Obtain User Privilege | false |
| Obtain Other Privilege | false |
Base Metric V3
No data provided.
Configurations
-
AND
-
OR - Configuration 1
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 OS Cisco Ios 11.3aa * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(2) * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(2)xc * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(2)xd * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(2)xf * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(2)xg * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(3)t2 * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(4) * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(4)s * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(4)t * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(5) * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(6) * * * * * * * � � � � 2.3 OS Cisco Ios 12.0(7)t * * * * * * * � � � � -
OR Running on/with:
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Application Cisco Accesspath ls-3 * * * * * * * � � � � 2.3 Application Cisco Accesspath ts-3 * * * * * * * � � � � 2.3 Application Cisco Accesspath vs-3 * * * * * * * � � � � 2.3 Application Cisco As5200 * * * * * * * * � � � � 2.3 Application Cisco As5300 * * * * * * * * � � � � 2.3 Application Cisco As5800 * * * * * * * * � � � � 2.3 Application Cisco System Controller 3640 * * * * * * * * � � � � 2.3 Hardware Cisco Voice Gateway As5800 * * * * * * * * � � � �
-
OR - Configuration 1
-
OR - Configuration 2
Cpe Version Part Vendor Product Version Update Edition Language SW Edition Target SW Target HW Other Version Start Including Version End Including Version Start Excluding Version End Excluding 2.3 Hardware Cisco 3660 Router * * * * * * * * � � � � 2.3 Hardware Cisco 7100 Router * * * * * * * * � � � � 2.3 Hardware Cisco 7200 Router * * * * * * * * � � � � 2.3 Hardware Cisco 7500 Router * * * * * * * * � � � � 2.3 Hardware Cisco Ubr7200 * * * * * * * * � � � �
Vulnerable Software List
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Voice Gateway As5800 | * |
| Cisco | 3660 Router | * |
| Cisco | 7100 Router | * |
| Cisco | 7200 Router | * |
| Cisco | 7500 Router | * |
| Cisco | Ubr7200 | * |
| Cisco | Accesspath | ls-3, ts-3, vs-3 |
| Cisco | Ios | 11.3aa, 12.0(2), 12.0(2)xc, 12.0(2)xd, 12.0(2)xf, 12.0(2)xg, 12.0(3)t2, 12.0(4), 12.0(4)s, 12.0(4)t, 12.0(5), 12.0(6), 12.0(7)t |
| Cisco | As5200 | * |
| Cisco | As5300 | * |
| Cisco | As5800 | * |
| Cisco | System Controller 3640 | * |
References
| Name | Source | URL | Tags |
|---|---|---|---|
| 20000420 Cisco IOS Software TELNET Option Handling Vulnerability | http://www.cisco.com/warp/public/707/iostelnetopt-pub.shtml | CISCO | Patch Vendor Advisory |
| 1289 | http://www.osvdb.org/1289 | OSVDB | |
| 1123 | http://www.securityfocus.com/bid/1123 | BID |