cvelistv5 - cve-2004-1111

CVE-2004-1111 (GCVE-0-2004-1111)

Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.us-cert.gov/cas/techalerts/TA04-316A.html	third-party-advisoryx_refsource_CERT
	http://www.cisco.com/warp/public/707/cisco-sa-200…	vendor-advisoryx_refsource_CISCO
	http://www.kb.cert.org/vuls/id/630104	third-party-advisoryx_refsource_CERT-VN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.ciac.org/ciac/bulletins/p-034.shtml	third-party-advisorygovernment-resourcex_refsource_CIAC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:39:00.865Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:5632",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
          },
          {
            "name": "TA04-316A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
          },
          {
            "name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
          },
          {
            "name": "VU#630104",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/630104"
          },
          {
            "name": "cisco-ios-dhcp-dos(18021)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
          },
          {
            "name": "P-034",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:5632",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
        },
        {
          "name": "TA04-316A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
        },
        {
          "name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
        },
        {
          "name": "VU#630104",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/630104"
        },
        {
          "name": "cisco-ios-dhcp-dos(18021)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
        },
        {
          "name": "P-034",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1111",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:5632",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
            },
            {
              "name": "TA04-316A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
            },
            {
              "name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
            },
            {
              "name": "VU#630104",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/630104"
            },
            {
              "name": "cisco-ios-dhcp-dos(18021)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
            },
            {
              "name": "P-034",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1111",
    "datePublished": "2004-12-01T05:00:00",
    "dateReserved": "2004-11-30T00:00:00",
    "dateUpdated": "2024-08-08T00:39:00.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(14\\\\)sz:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6D9BA55-F193-4BCA-ACC2-BBC892E9D7E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)ew:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E49B392-5366-422D-A10E-EE4F3A33C4B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)ewa:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EF707A6-5834-4295-8B38-17F279D49C82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)s:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D0E67EE-AF42-4B53-B70A-45562CE164D0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)se:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E319ADC-C636-4933-BD50-B613677AD4C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)sv:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A15042D-EB07-4754-8144-947CDE669CAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)sw:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E58F4903-E834-4476-876F-8C144BD93D4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:ios:12.2\\\\(20\\\\)ew:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"955BF110-FFBE-4368-BE06-21AC794C53AB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"92D41983-E6A8-4481-AA08-42DC92EC57EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A6E0CA8-C89C-4CDD-8063-B10E6C122F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19293B13-7FB1-4604-923D-E8760902E8BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6E13135-48E1-4D8C-9C0D-4EBD9A858CBD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"60DEA083-B9BC-42DB-A4F7-986A5A185DE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"239E1E03-7F82-48CE-943A-9228C9EDCF9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCFAA111-F831-4BC9-BCD7-246ED6C0F3FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9097F459-1AE3-4924-8E81-046F84FBB041\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*\", \"matchCriteriaId\": \"6D4F49E8-9C23-422C-9913-9C11E7F9BF9B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \\\"no service dhcp\\\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.\"}]",
      "id": "CVE-2004-1111",
      "lastModified": "2024-11-20T23:50:07.587",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-01-10T05:00:00.000",
      "references": "[{\"url\": \"http://www.ciac.org/ciac/bulletins/p-034.shtml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/630104\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA04-316A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/18021\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ciac.org/ciac/bulletins/p-034.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/630104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA04-316A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/18021\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-1111\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-01-10T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \\\"no service dhcp\\\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(14\\\\)sz:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6D9BA55-F193-4BCA-ACC2-BBC892E9D7E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)ew:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E49B392-5366-422D-A10E-EE4F3A33C4B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)ewa:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF707A6-5834-4295-8B38-17F279D49C82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D0E67EE-AF42-4B53-B70A-45562CE164D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)se:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E319ADC-C636-4933-BD50-B613677AD4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)sv:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A15042D-EB07-4754-8144-947CDE669CAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(18\\\\)sw:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E58F4903-E834-4476-876F-8C144BD93D4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios:12.2\\\\(20\\\\)ew:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"955BF110-FFBE-4368-BE06-21AC794C53AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92D41983-E6A8-4481-AA08-42DC92EC57EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A6E0CA8-C89C-4CDD-8063-B10E6C122F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19293B13-7FB1-4604-923D-E8760902E8BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6E13135-48E1-4D8C-9C0D-4EBD9A858CBD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60DEA083-B9BC-42DB-A4F7-986A5A185DE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"239E1E03-7F82-48CE-943A-9228C9EDCF9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCFAA111-F831-4BC9-BCD7-246ED6C0F3FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9097F459-1AE3-4924-8E81-046F84FBB041\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*\",\"matchCriteriaId\":\"6D4F49E8-9C23-422C-9913-9C11E7F9BF9B\"}]}]}],\"references\":[{\"url\":\"http://www.ciac.org/ciac/bulletins/p-034.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/630104\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA04-316A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/18021\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ciac.org/ciac/bulletins/p-034.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/630104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA04-316A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/18021\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200501-0257

Vulnerability from variot - Updated: 2023-12-18 12:59

Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. A denial-of-service vulnerability exists in Cisco's Internetwork Operating System (IOS). This vulnerability may allow remote attackers to conduct denial-of-service attacks on an affected device. 7600 is prone to a denial-of-service vulnerability. Reportedly, DHCP packets containing certain unspecified content have the capability to block the input queue of interfaces on affected devices. Once an input queue is blocked, further ARP, and routing protocol packets will not be processed. This condition can only be corrected by rebooting the affected device. An attacker with the ability to send malicious DHCP packets to an affected device may be able to interrupt the routing services of the affected device, potentially denying further network service to legitimate users. Cisco IOS is the system used by Cisco networking equipment. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

              Technical Cyber Security Alert TA04-316A 
                Cisco IOS Input Queue Vulnerability

Original release date: November 11, 2004 Last revised: -- Source: US-CERT

Systems Affected

 * Cisco routers, switches, and line cards running vulnerable
   versions of IOS

   The following versions of IOS are known to be affected:

     * 12.2(18)EW
     * 12.2(18)EWA
     * 12.2(18)S
     * 12.2(18)SE
     * 12.2(18)SV
     * 12.2(18)SW
     * 12.2(14)SZ

Overview

There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.

I. Description

The Dynamic Host Configuration Protocol (DHCP) provides a means for distributing configuration information to hosts on a TCP/IP network.The Cisco Internetwork Operating System (IOS) contains a vulnerability that allows malformed DHCP packets to cause an affected device to stop processing incoming network traffic. Cisco devices can act as a DHCP server, providing host configuration information to clients, or they can forward DHCP and BootP requests as a relay agent. The affected devices have the DHCP service enabled by default and will accept and process incoming DHCP packets. When the queue becomes full, the device will stop accepting all traffic on that interface, not just DHCP traffic.

The DHCP service is enabled by default in IOS. DHCP can only be disabled when the no service dhcp command is specified in the running configuration. Cisco notes the following in their advisory:

   "Cisco routers are configured to process and accept DHCP
   packets by default, therefore the command service dhcp does not
   appear in the running configuration display, and only the
   command for the disabled feature, no service dhcp, will appear
   in the running configuration display when the feature is
   disabled. The vulnerability is present, regardless if the DHCP
   server or relay agent configurations are present on an affected
   product. US-CERT is tracking this

issue as VU#630104.

II. Repeated exploitation of this vulnerability could lead to a sustained denial-of-service condition. In order to regain functionality, the device must be rebooted to clear the input queue on the interface.

III. Solution

Upgrade to fixed versions of IOS

Cisco has published detailed information about upgrading affected Cisco IOS software to correct this vulnerability. System managers are encouraged to upgrade to one of the non-vulnerable releases. For additional information regarding availability of repaired releases, please refer to the "Software Versions and Fixes" section of the Cisco Security Advisory.

Workarounds

Cisco recommends a number of workarounds. For a complete list of workarounds, see the Cisco Security Advisory.

Appendix A. References

 * Vulnerability Note VU#630104 -
   <http://www.kb.cert.org/vuls/id/630104>

 * Cisco Security Advisory: "Cisco IOS DHCP Blocked Interface
   Denial-of-Service" -
   <http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml
   >

US-CERT thanks Cisco Systems for notifying us about this problem.

Feedback can be directed to the authors: Jeff Havrilla, Damon Morda, and Jason Rafail

This document is available from:

  <http://www.us-cert.gov/cas/techalerts/TA04-316A.html>

Revision History

Nov 11, 2004: Initial release

                  Last updated November 11, 2004

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBQZP5KBhoSezw4YfQAQLfEAgAlabhwlqCsQXLVFjedNKxa2CmRPYta5aC GXy6I+TDAVv7V57pz4QE4LxreUEb2vyc8CE4TWUy5PL7+tR0IEduur7XXnOs13Is O77GyYxBzxtOi+12zAui2wVM8gepobMS6JwYY7V5tyCRZ7mT7lGkVXzO2xHwFsM7 l6meXU/3eO0AjUv5NmJWBuWuGcPny3qyy3M4rgAcRCXIEWaVMnSCAALfSfPS6Ea8 6qYTmXOCbOnEC1RfdnRDgfmnWGwX5RlOPSrDJr3uS5DEkuEvFwaBnIDWMVtQUnvv oL1jZwbFVY1WNuPIosKSFSBs0U4l7RStiwSw3BF/EbgPrUBg3ugYyw== =gshZ -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0257",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(18\\)se"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(20\\)ew"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(18\\)ewa"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(18\\)s"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(18\\)sw"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(18\\)ew"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "12.2\\(14\\)sz"
      },
      {
        "model": "ios 12.2 ew",
        "scope": null,
        "trust": 1.2,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "12.2\\(18\\)sv"
      },
      {
        "model": "multiservice platform 2651",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "multiservice platform 2650",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "multiservice platform 2651xm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "7200 router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "7300 router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "7500 router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "catalyst 7600",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "multiservice platform 2650xm",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "7600 router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "7600 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup2/msfc2 and  sup720/msfc3"
      },
      {
        "model": "catalyst 3560 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 3750 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 4000 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup2plus"
      },
      {
        "model": "catalyst 4000 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup3"
      },
      {
        "model": "catalyst 4000 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup4"
      },
      {
        "model": "catalyst 4000 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup5 module"
      },
      {
        "model": "catalyst 4500 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup2plus ts"
      },
      {
        "model": "catalyst 4900 series",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst 6000 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "sup2/msfc2 and  sup720/msfc3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "12.2"
      },
      {
        "model": "ons 15500 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "ons15530"
      },
      {
        "model": "ons 15500 series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "ons15540"
      },
      {
        "model": "ios 12.2 sw",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sv",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 se",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 ewa",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sz",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7600"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7500"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7300"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "7200"
      },
      {
        "model": "2651xm multiservice platform",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "multiservice platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2651"
      },
      {
        "model": "2650xm multiservice platform",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "multiservice platform",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2650"
      },
      {
        "model": "catalyst 7600",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "sup720_msfc3"
      },
      {
        "model": "7500 router",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "7600 router",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "catalyst sup720 msfc3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7600"
      },
      {
        "model": "catalyst sup720/msfc3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7600"
      },
      {
        "model": "ios 12.2 sw",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 sv",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 se3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s4",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 ewa",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 s6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios 12.2 ew2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "db": "BID",
        "id": "90539"
      },
      {
        "db": "BID",
        "id": "11649"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ewa:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)se:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sw:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "90539"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2004-1111",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 5.0,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2004-1111",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-9541",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-1111",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#630104",
            "trust": 0.8,
            "value": "55.13"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200501-136",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-9541",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. A denial-of-service vulnerability exists in Cisco\u0027s Internetwork Operating System (IOS). This vulnerability may allow remote attackers to conduct denial-of-service attacks on an affected device. 7600 is prone to a denial-of-service vulnerability. \nReportedly, DHCP packets containing certain unspecified content have the capability to block the input queue of interfaces on affected devices. \nOnce an input queue is blocked, further ARP, and routing protocol packets will not be processed. This condition can only be corrected by rebooting the affected device. \nAn attacker with the ability to send malicious DHCP packets to an affected device may be able to interrupt the routing services of the affected device, potentially denying further network service to legitimate users. Cisco IOS is the system used by Cisco networking equipment. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n                  Technical Cyber Security Alert TA04-316A \n                    Cisco IOS Input Queue Vulnerability\n\n   Original release date: November 11, 2004\n   Last revised: --\n   Source: US-CERT\n\nSystems Affected\n\n     * Cisco routers, switches, and line cards running vulnerable\n       versions of IOS\n\n       The following versions of IOS are known to be affected:\n\n         * 12.2(18)EW\n         * 12.2(18)EWA\n         * 12.2(18)S\n         * 12.2(18)SE\n         * 12.2(18)SV\n         * 12.2(18)SW\n         * 12.2(14)SZ\n\nOverview\n\n   There is a vulnerability in the way Cisco IOS processes DHCP packets. \n   Exploitation of this vulnerability may lead to a denial of service. \n   The processing of DHCP packets is enabled by default. \n\nI. Description\n\n   The Dynamic Host Configuration Protocol (DHCP) provides a means for\n   distributing configuration information to hosts on a TCP/IP\n   network.The Cisco Internetwork Operating System (IOS) contains a\n   vulnerability that allows malformed DHCP packets to cause an affected\n   device to stop processing incoming network traffic. Cisco devices can act as a DHCP server, providing host\n   configuration information to clients, or they can forward DHCP and\n   BootP requests as a relay agent. The affected devices have the DHCP\n   service enabled by default and will accept and process incoming DHCP\n   packets. When the queue becomes full,\n   the device will stop accepting all traffic on that interface, not just\n   DHCP traffic. \n\n   The DHCP service is enabled by default in IOS. DHCP can only be\n   disabled when the no service dhcp command is specified in the running\n   configuration. Cisco notes the following in their advisory:\n\n       \"Cisco routers are configured to process and accept DHCP\n       packets by default, therefore the command service dhcp does not\n       appear in the running configuration display, and only the\n       command for the disabled feature, no service dhcp, will appear\n       in the running configuration display when the feature is\n       disabled. The vulnerability is present, regardless if the DHCP\n       server or relay agent configurations are present on an affected\n       product. US-CERT is tracking this\n   issue as VU#630104. \n\nII. Repeated exploitation of this\n   vulnerability could lead to a sustained denial-of-service condition. \n   In order to regain functionality, the device must be rebooted to clear\n   the input queue on the interface. \n\nIII. Solution\n\nUpgrade to fixed versions of IOS\n\n   Cisco has published detailed information about upgrading affected\n   Cisco IOS software to correct this vulnerability. System managers are\n   encouraged to upgrade to one of the non-vulnerable releases. For\n   additional information regarding availability of repaired releases,\n   please refer to the \"Software Versions and Fixes\" section of the Cisco\n   Security Advisory. \n\nWorkarounds\n\n   Cisco recommends a number of workarounds. For a complete list of\n   workarounds, see the Cisco Security Advisory. \n\nAppendix A. References\n\n     * Vulnerability Note VU#630104 -\n       \u003chttp://www.kb.cert.org/vuls/id/630104\u003e\n\n     * Cisco Security Advisory: \"Cisco IOS DHCP Blocked Interface\n       Denial-of-Service\" -\n       \u003chttp://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml\n       \u003e\n   _________________________________________________________________\n\n   US-CERT thanks Cisco Systems for notifying us about this problem. \n   _________________________________________________________________\n\n   Feedback can be directed to the authors: Jeff Havrilla, Damon Morda,\n   and Jason Rafail \n\n   _________________________________________________________________\n\n   This document is available from:\n   \n      \u003chttp://www.us-cert.gov/cas/techalerts/TA04-316A.html\u003e\n   \n   _________________________________________________________________\n\n   Copyright 2004 Carnegie Mellon University. \n   \n   Terms of use: \u003chttp://www.us-cert.gov/legal.html\u003e\n  _________________________________________________________________\n\n   Revision History\n\n   Nov 11, 2004: Initial release\n\n                      Last updated November 11, 2004 \n\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQZP5KBhoSezw4YfQAQLfEAgAlabhwlqCsQXLVFjedNKxa2CmRPYta5aC\nGXy6I+TDAVv7V57pz4QE4LxreUEb2vyc8CE4TWUy5PL7+tR0IEduur7XXnOs13Is\nO77GyYxBzxtOi+12zAui2wVM8gepobMS6JwYY7V5tyCRZ7mT7lGkVXzO2xHwFsM7\nl6meXU/3eO0AjUv5NmJWBuWuGcPny3qyy3M4rgAcRCXIEWaVMnSCAALfSfPS6Ea8\n6qYTmXOCbOnEC1RfdnRDgfmnWGwX5RlOPSrDJr3uS5DEkuEvFwaBnIDWMVtQUnvv\noL1jZwbFVY1WNuPIosKSFSBs0U4l7RStiwSw3BF/EbgPrUBg3ugYyw==\n=gshZ\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "db": "BID",
        "id": "90539"
      },
      {
        "db": "BID",
        "id": "11649"
      },
      {
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "db": "PACKETSTORM",
        "id": "35029"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#630104",
        "trust": 3.7
      },
      {
        "db": "USCERT",
        "id": "TA04-316A",
        "trust": 2.9
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1111",
        "trust": 2.8
      },
      {
        "db": "XF",
        "id": "18021",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "11649",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20041110 CISCO SECURITY ADVISORY: CISCO IOS DHCP BLOCKED INTERFACE DENIAL-OF-SERVICE",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:5632",
        "trust": 0.6
      },
      {
        "db": "CIAC",
        "id": "P-034",
        "trust": 0.6
      },
      {
        "db": "TECHNICAL ALERT",
        "id": "TA04-316A",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "90539",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-9541",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "35029",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "db": "BID",
        "id": "90539"
      },
      {
        "db": "BID",
        "id": "11649"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "db": "PACKETSTORM",
        "id": "35029"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "id": "VAR-200501-0257",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-9541"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:59:31.176000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20041110-dhcp",
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.2,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
      },
      {
        "trust": 2.8,
        "url": "http://www.us-cert.gov/cas/techalerts/ta04-316a.html"
      },
      {
        "trust": 2.8,
        "url": "http://www.kb.cert.org/vuls/id/630104"
      },
      {
        "trust": 2.8,
        "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://xforce.iss.net/xforce/xfdb/18021"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5632"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
      },
      {
        "trust": 0.8,
        "url": "http://www.ietf.org/rfc/rfc2131.txt"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-1111"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/wr/2004/wr044501.txt"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta04-316a"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/trta04-316a"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-1111"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/11649"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5632"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta04-316a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/id/630104\u003e"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "db": "BID",
        "id": "90539"
      },
      {
        "db": "BID",
        "id": "11649"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "db": "PACKETSTORM",
        "id": "35029"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "db": "BID",
        "id": "90539"
      },
      {
        "db": "BID",
        "id": "11649"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "db": "PACKETSTORM",
        "id": "35029"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-11-10T00:00:00",
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "date": "2005-01-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "date": "2005-01-10T00:00:00",
        "db": "BID",
        "id": "90539"
      },
      {
        "date": "2004-11-10T00:00:00",
        "db": "BID",
        "id": "11649"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "date": "2004-11-12T23:58:09",
        "db": "PACKETSTORM",
        "id": "35029"
      },
      {
        "date": "2005-01-10T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "date": "2005-01-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-11-11T00:00:00",
        "db": "CERT/CC",
        "id": "VU#630104"
      },
      {
        "date": "2017-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-9541"
      },
      {
        "date": "2005-01-10T00:00:00",
        "db": "BID",
        "id": "90539"
      },
      {
        "date": "2004-11-10T00:00:00",
        "db": "BID",
        "id": "11649"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000485"
      },
      {
        "date": "2017-10-11T01:29:41.777000",
        "db": "NVD",
        "id": "CVE-2004-1111"
      },
      {
        "date": "2009-03-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "90539"
      },
      {
        "db": "BID",
        "id": "11649"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco IOS fails to properly handle malformed DHCP packets",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#630104"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "unknown",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200501-136"
      }
    ],
    "trust": 0.6
  }
}

GHSA-3RRQ-MWRQ-44VC

Vulnerability from github – Published: 2022-04-29 02:59 – Updated: 2022-04-29 02:59

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-1111"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-01-10T05:00:00Z",
    "severity": "MODERATE"
  },
  "details": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.",
  "id": "GHSA-3rrq-mwrq-44vc",
  "modified": "2022-04-29T02:59:00Z",
  "published": "2022-04-29T02:59:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-1111"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
    },
    {
      "type": "WEB",
      "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/630104"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2004-1111

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2004-1111

Aliases

CVE-2004-1111

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-1111",
    "description": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.",
    "id": "GSD-2004-1111"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-1111"
      ],
      "details": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.",
      "id": "GSD-2004-1111",
      "modified": "2023-12-13T01:22:56.509466Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-1111",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "oval:org.mitre.oval:def:5632",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
          },
          {
            "name": "TA04-316A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
          },
          {
            "name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
          },
          {
            "name": "VU#630104",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/630104"
          },
          {
            "name": "cisco-ios-dhcp-dos(18021)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
          },
          {
            "name": "P-034",
            "refsource": "CIAC",
            "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ewa:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)se:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sw:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1111"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#630104",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/630104"
            },
            {
              "name": "20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service",
              "refsource": "CISCO",
              "tags": [],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
            },
            {
              "name": "P-034",
              "refsource": "CIAC",
              "tags": [],
              "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
            },
            {
              "name": "TA04-316A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
            },
            {
              "name": "cisco-ios-dhcp-dos(18021)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
            },
            {
              "name": "oval:org.mitre.oval:def:5632",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-10-11T01:29Z",
      "publishedDate": "2005-01-10T05:00Z"
    }
  }
}

FKIE_CVE-2004-1111

Vulnerability from fkie_nvd - Published: 2005-01-10 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://www.ciac.org/ciac/bulletins/p-034.shtml
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml
cve@mitre.org	http://www.kb.cert.org/vuls/id/630104	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.us-cert.gov/cas/techalerts/TA04-316A.html	US Government Resource
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18021
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/p-034.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/630104	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA04-316A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18021
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632

Impacted products

Vendor	Product	Version
cisco	ios	12.2\(14\)sz
cisco	ios	12.2\(18\)ew
cisco	ios	12.2\(18\)ewa
cisco	ios	12.2\(18\)s
cisco	ios	12.2\(18\)se
cisco	ios	12.2\(18\)sv
cisco	ios	12.2\(18\)sw
cisco	ios	12.2\(20\)ew
cisco	multiservice_platform_2650	*
cisco	multiservice_platform_2650xm	*
cisco	multiservice_platform_2651	*
cisco	multiservice_platform_2651xm	*
cisco	7200_router	*
cisco	7300_router	*
cisco	7500_router	*
cisco	7600_router	*
cisco	catalyst_7600	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sz:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D9BA55-F193-4BCA-ACC2-BBC892E9D7E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ew:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E49B392-5366-422D-A10E-EE4F3A33C4B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)ewa:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EF707A6-5834-4295-8B38-17F279D49C82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D0E67EE-AF42-4B53-B70A-45562CE164D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)se:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E319ADC-C636-4933-BD50-B613677AD4C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sv:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A15042D-EB07-4754-8144-947CDE669CAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(18\\)sw:*:*:*:*:*:*:*",
              "matchCriteriaId": "E58F4903-E834-4476-876F-8C144BD93D4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(20\\)ew:*:*:*:*:*:*:*",
              "matchCriteriaId": "955BF110-FFBE-4368-BE06-21AC794C53AB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92D41983-E6A8-4481-AA08-42DC92EC57EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6E0CA8-C89C-4CDD-8063-B10E6C122F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19293B13-7FB1-4604-923D-E8760902E8BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6E13135-48E1-4D8C-9C0D-4EBD9A858CBD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "60DEA083-B9BC-42DB-A4F7-986A5A185DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "239E1E03-7F82-48CE-943A-9228C9EDCF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCFAA111-F831-4BC9-BCD7-246ED6C0F3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9097F459-1AE3-4924-8E81-046F84FBB041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*",
              "matchCriteriaId": "6D4F49E8-9C23-422C-9913-9C11E7F9BF9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the \"no service dhcp\" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size."
    }
  ],
  "id": "CVE-2004-1111",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-01-10T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/630104"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/p-034.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/630104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA04-316A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2004-1111 (GCVE-0-2004-1111)

VAR-200501-0257

GHSA-3RRQ-MWRQ-44VC

GSD-2004-1111

FKIE_CVE-2004-1111

Tags

Sightings

Nomenclature