Overview
Cisco Internetwork Operating System (IOS) may reload unexpectedly after being scanned on certain ports.
Description
Certain versions of Cisco IOS contain a vulnerability that allows the router to enter an unstable state after receiving a connection attempt on any TCP port in the following ranges: 3100-3999, 5100-5999, 7100-7999, and 10100-10999. In this state, the router will reload at the next execution of "show running-config," "write memory," or any command that causes the configuration file to be accessed. |
Impact
Attackers may cause Cisco routers to reload and cause a denial of service. |
Solution
Review Cisco Systems's security advisory to determine which versions of IOS are vulnerable and which version you should obtain to eliminate this vulnerability. The advisory is available at: http://www.cisco.com/warp/public/707/ios-tcp-scanner-reload-pub.shtml |
None. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Cisco Systems for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
Other Information
| CVE IDs: | CVE-2001-0750 |
| Severity Metric: | 11.81 |
| Date Public: | 2001-05-24 |
| Date First Published: | 2001-10-25 |
| Date Last Updated: | 2001-10-25 23:44 UTC |
| Document Revision: | 12 |