CVE-2004-1111

Current Description

Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Basic Data

PublishedJanuary 10, 2005
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSCiscoIos12.2(14)sz*******
      2.3OSCiscoIos12.2(18)ew*******
      2.3OSCiscoIos12.2(18)ewa*******
      2.3OSCiscoIos12.2(18)s*******
      2.3OSCiscoIos12.2(18)se*******
      2.3OSCiscoIos12.2(18)sv*******
      2.3OSCiscoIos12.2(18)sw*******
      2.3OSCiscoIos12.2(20)ew*******
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoMultiservice Platform 2650********
      2.3HardwareCiscoMultiservice Platform 2650xm********
      2.3HardwareCiscoMultiservice Platform 2651********
      2.3HardwareCiscoMultiservice Platform 2651xm********
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3HardwareCisco7200 Router********
    2.3HardwareCisco7300 Router********
    2.3HardwareCisco7500 Router********
    2.3HardwareCisco7600 Router********
    2.3HardwareCiscoCatalyst 7600**sup720_msfc3*****

Vulnerable Software List

VendorProductVersions
Cisco Catalyst 7600 *
Cisco 7200 Router *
Cisco 7500 Router *
Cisco Multiservice Platform 2650 *
Cisco Multiservice Platform 2650xm *
Cisco Multiservice Platform 2651 *
Cisco Multiservice Platform 2651xm *
Cisco 7300 Router *
Cisco Ios 12.2(14)sz, 12.2(18)ew, 12.2(18)ewa, 12.2(18)s, 12.2(18)se, 12.2(18)sv, 12.2(18)sw, 12.2(20)ew
Cisco 7600 Router *

References

NameSourceURLTags
P-034http://www.ciac.org/ciac/bulletins/p-034.shtmlCIAC
20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Servicehttp://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtmlCISCO
VU#630104http://www.kb.cert.org/vuls/id/630104CERT-VNThird Party Advisory US Government Resource
TA04-316Ahttp://www.us-cert.gov/cas/techalerts/TA04-316A.htmlCERTUS Government Resource
cisco-ios-dhcp-dos(18021)https://exchange.xforce.ibmcloud.com/vulnerabilities/18021XF
oval:org.mitre.oval:def:5632https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632OVAL