Cisco CBOS Large Ping Packet ROMMON Mode DoS

2004-04-08T23:11:37
ID OSVDB:5541
Type osvdb
Reporter OSVDB
Modified 2004-04-08T23:11:37

Description

Vulnerability Description

Cisco CBOS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted large ICMP Echo Reply packet, which causes the router to reboot into ROMMON mode and results in loss of availability for the router.

Solution Description

Upgrade to version 2.3.9, 2.4.1, 2.4.2 or higher, as these have been reported to fix this vulnerability. An upgrade is required, as there are no known workarounds.

References:

Vendor Specific Advisory URL
Security Tracker: 1001591
ISS X-Force ID: 7299
CVE-2001-0754