Overview
A vulnerability in Cisco CatOS may allow a remote attacker to cause a denial of service on an affected device.
Description
Cisco's CatOS is an operating system that runs on some Cisco Catalyst switch products. A vulnerability in the way that TCP services on CatOS handle malformed connection attempts may allow a remote attacker to cause a denial of service on an affected device. According to the Cisco advisory on this issue:

"A TCP-ACK DoS attack is conducted by not sending the regular final ACK required for a 3-way TCP handshake to complete, and instead sending an invalid response to move the connection to an invalid TCP state. This attack can be initiated from a remote spoofed source."
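The handshake behaviour described above can be checked for in captured traffic. The following is an added detection example, not code from CERT/CC or Cisco. It assumes segments have already been decoded into the hypothetical `Seg` tuples shown, and because the advisory does not say what the invalid response looks like, it flags any reply to a SYN-ACK that is neither the expected ACK nor a reset.

```python
from collections import namedtuple

# One observed TCP segment; flags is a string such as "S", "SA", "A", "FA", "R".
# (Hypothetical record format chosen for this example.)
Seg = namedtuple("Seg", "src sport dst dport flags seq ack")
MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


def find_invalid_handshakes(segments):
    """Return [(flow, reason)] where the client's reply to a SYN-ACK was not the expected ACK."""
    pending = {}   # (client, cport, server, sport) -> [client_isn, server_isn or None]
    findings = []
    for s in segments:
        fwd = (s.src, s.sport, s.dst, s.dport)
        rev = (s.dst, s.dport, s.src, s.sport)
        flags = frozenset(s.flags)
        if flags == {"S"}:                                    # step 1: client SYN
            pending[fwd] = [s.seq, None]
        elif flags == {"S", "A"} and rev in pending:          # step 2: server SYN-ACK
            if s.ack == (pending[rev][0] + 1) % MOD:
                pending[rev][1] = s.seq
        elif fwd in pending and pending[fwd][1] is not None:  # step 3: client reply
            cisn, sisn = pending.pop(fwd)
            if "R" in flags:
                continue                                      # reset: abandoned, not flagged
            if flags != {"A"}:
                findings.append((fwd, "flags %s instead of ACK" % s.flags))
            elif (s.seq, s.ack) != ((cisn + 1) % MOD, (sisn + 1) % MOD):
                findings.append((fwd, "ACK with unexpected seq/ack"))
    return findings


# Constructed sample capture: documentation addresses, made-up ports and sequence numbers.
CLIENT, SERVER = "192.0.2.10", "198.51.100.1"
SAMPLE = [
    Seg(CLIENT, 40001, SERVER, 23, "S", 1000, 0), Seg(SERVER, 23, CLIENT, 40001, "SA", 5000, 1001),
    Seg(CLIENT, 40001, SERVER, 23, "A", 1001, 5001),    # normal completion
    Seg(CLIENT, 40002, SERVER, 23, "S", 2000, 0), Seg(SERVER, 23, CLIENT, 40002, "SA", 7000, 2001),
    Seg(CLIENT, 40002, SERVER, 23, "FA", 2001, 7001),   # wrong flags in place of the final ACK
    Seg(CLIENT, 40003, SERVER, 23, "S", 3000, 0), Seg(SERVER, 23, CLIENT, 40003, "SA", 9000, 3001),
    Seg(CLIENT, 40003, SERVER, 23, "A", 3001, 1234),    # ACK that does not acknowledge the SYN-ACK
    Seg(CLIENT, 40004, SERVER, 23, "S", 4000, 0), Seg(SERVER, 23, CLIENT, 40004, "SA", 11000, 4001),
    Seg(CLIENT, 40004, SERVER, 23, "R", 4001, 0),       # clean abort
]

if __name__ == "__main__":
    for flow, reason in find_invalid_handshakes(SAMPLE):
        # The source may be spoofed, so the destination service is the reliable field.
        print(flow, reason)
```

Because the advisory notes that the source can be spoofed, findings are more useful grouped by destination address and port than by sender.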
Impact
A remote attacker may cause the affected devices to stop functioning and reload.
Solution
Apply a patch from the vendor.
Acknowledgements
Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.
This document was written by Chad R Dougherty based on information provided by Cisco Systems.
Other Information
CVE IDs: CVE-2004-0551
Severity Metric: 4.50
Date Public: 2004-06-09
Date First Published: 2004-06-15
Date Last Updated: 2004-07-16 14:08 UTC
Document Revision: 18