Cisco IOS Port Scan DoS

2001-05-24T00:00:00
ID OSVDB:800
Type osvdb
Reporter OSVDB
Modified 2001-05-24T00:00:00

Description

Vulnerability Description

Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when a port scanner attempts to connect to specific port ranges (100-3999, 5100-5999, 7100-7999 and 10100-10999), and will result in loss of availability for the platform.

Technical Description

An attempt to make a TCP connection to ports 3100-3999, 5100-5999, 7100-7999, and 10100-10999 will cause the router to unexpectedly reload the next time show running-config, write memory, or any other command that accesses the configuration file is run.
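A detection sketch for the condition described above, added here as an example and not part of the original advisory: it scans IOS ACL log messages (%SEC-6-IPACCESSLOGP) for TCP connection attempts to a router's own address on the port ranges given in the Technical Description. The router address, the sample log lines and the function names are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Port ranges as listed in the Technical Description above.
AFFECTED_RANGES = [(3100, 3999), (5100, 5999), (7100, 7999), (10100, 10999)]
# Assumption: addresses owned by the routers themselves (documentation range).
ROUTER_ADDRS = {"192.0.2.1"}

# Matches the IOS ACL log message %SEC-6-IPACCESSLOGP for TCP packets.
ACL_LOG = re.compile(
    r"%SEC-6-IPACCESSLOGP: list (?P<acl>\S+) (?P<action>permitted|denied) tcp "
    r"(?P<src>[\d.]+)\((?P<sport>\d+)\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\)"
)

# Constructed sample log lines, not taken from a real device.
SAMPLE_LOG = """\
May 24 10:00:01 edge1 %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.7(40112) -> 192.0.2.1(3150), 1 packet
May 24 10:00:01 edge1 %SEC-6-IPACCESSLOGP: list 101 permitted tcp 198.51.100.7(40113) -> 192.0.2.1(5100), 1 packet
May 24 10:00:02 edge1 %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(40114) -> 192.0.2.1(10999), 1 packet
May 24 10:00:03 edge1 %SEC-6-IPACCESSLOGP: list 101 permitted tcp 203.0.113.9(51000) -> 192.0.2.1(23), 1 packet
May 24 10:00:04 edge1 %SEC-6-IPACCESSLOGP: list 101 permitted tcp 203.0.113.9(51001) -> 192.0.2.80(7100), 1 packet
May 24 10:00:05 edge1 %SEC-6-IPACCESSLOGP: list 101 permitted tcp 203.0.113.9(51002) -> 192.0.2.1(4000), 1 packet
"""

def in_affected_range(port):
    return any(lo <= port <= hi for lo, hi in AFFECTED_RANGES)

def find_attempts(log_text, router_addrs=ROUTER_ADDRS):
    """Return {(router, source): {"permitted": [...], "denied": [...]}}."""
    hits = defaultdict(lambda: {"permitted": set(), "denied": set()})
    for line in log_text.splitlines():
        m = ACL_LOG.search(line)
        if not m or m["dst"] not in router_addrs:
            continue  # not an ACL log line, or traffic not addressed to a router
        port = int(m["dport"])
        if in_affected_range(port):
            # Keep the ACL action so permitted and filtered attempts stay separate.
            hits[(m["dst"], m["src"])][m["action"]].add(port)
    return {k: {a: sorted(p) for a, p in v.items()} for k, v in hits.items()}

if __name__ == "__main__":
    for (router, src), ports in find_attempts(SAMPLE_LOG).items():
        print(f"{router}: connection attempts from {src} on affected ports: {ports}")
```

Because the reload is deferred until the configuration is next accessed, a hit on a router that has not yet been upgraded is a reason to schedule the upgrade before anyone runs a configuration command on it.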

Solution Description

Upgrade to the version indicated by the Cisco product matrix, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific Advisory URL
Other Advisory URL: http://archives.neohapsis.com/archives/cisco/2001-q2/0004.html
Nessus Plugin ID: 10977
ISS X-Force ID: 6589
CVE-2001-0750
CIAC Advisory: l-088
CERT VU: 178024
Bugtraq ID: 2804