Cisco CBOS ICMP DoS

2001-05-22T00:00:00
ID OSVDB:5573
Type osvdb
Reporter OSVDB
Modified 2001-05-22T00:00:00

Description

Vulnerability Description

Cisco CBOS router software for small CPE routers contains a flaw that may allow a remote denial of service. The issue is triggered when the router receives ICMP ECHO requests containing the record route option, and will result in loss of availability for the router and connectivity for the network.

Solution Description

Upgrade the router firmware to CBOS version 2.3.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Cisco CBOS router software for small CPE routers contains a flaw that may allow a remote denial of service. The issue is triggered when the router receives ICMP ECHO requests containing the record route option, and will result in loss of availability for the router and connectivity for the network.

References:

Vendor Specific Advisory URL Security Tracker: 1001591 ISS X-Force ID: 7298 CVE-2001-0752 CIAC Advisory: l-086