VAR-200108-0017
Vulnerability from variot - Updated: 2023-12-18 12:47Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. CBOS is the Cisco Broadband Operating System, firmware designed for use on Cisco 600 series routers. It is maintained and distributed by Cisco Systems. CBOS becomes unstable when it receives multiple TCP connections on one of the two administrative ports; 21 via telnet, or 80 via HTTP. Upon receiving multiple connections on one of these two ports, the 600 series router becomes incapable of configuration, requiring reboot to resume normal operation. This problem affects the following Cisco 600 series routers: 627, 633, 673, 675, 675E, 677, 677i and 678
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200108-0017",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cbos",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3.7"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3.5"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3.2"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.0.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.1.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2.0"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2.1a"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.1.0a"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.4.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.3.9"
},
{
"model": "cbos",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "2.3.8"
},
{
"model": "cbos",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "2.4.2ap"
},
{
"model": "cbos ap",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "cbos a",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "cbos",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "cbos",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.3"
},
{
"model": "cbos b",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "2.4.2"
}
],
"sources": [
{
"db": "BID",
"id": "3236"
},
{
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.2.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.1.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.3.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.4.2ap",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:cbos:2.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1064"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was announced in a Cisco Security Advisory on August 23, 2001.",
"sources": [
{
"db": "BID",
"id": "3236"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1064",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-3869",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-1064",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200108-199",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-3869",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3869"
},
{
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. CBOS is the Cisco Broadband Operating System, firmware designed for use on Cisco 600 series routers. It is maintained and distributed by Cisco Systems. \nCBOS becomes unstable when it receives multiple TCP connections on one of the two administrative ports; 21 via telnet, or 80 via HTTP. Upon receiving multiple connections on one of these two ports, the 600 series router becomes incapable of configuration, requiring reboot to resume normal operation. \nThis problem affects the following Cisco 600 series routers: 627, 633, 673, 675, 675E, 677, 677i and 678",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"db": "BID",
"id": "3236"
},
{
"db": "VULHUB",
"id": "VHN-3869"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-3869",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3869"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3236",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2001-1064",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199",
"trust": 0.7
},
{
"db": "XF",
"id": "7025",
"trust": 0.6
},
{
"db": "XF",
"id": "7026",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20010823 CBOS WEB-BASED CONFIGURATION UTILITY VULNERABILITY",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21092",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-74932",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-3869",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3869"
},
{
"db": "BID",
"id": "3236"
},
{
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"id": "VAR-200108-0017",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3869"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:47:36.760000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1064"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3236"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/7026.php"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/7025.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-3869"
},
{
"db": "BID",
"id": "3236"
},
{
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-3869"
},
{
"db": "BID",
"id": "3236"
},
{
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-08-31T00:00:00",
"db": "VULHUB",
"id": "VHN-3869"
},
{
"date": "2001-08-23T00:00:00",
"db": "BID",
"id": "3236"
},
{
"date": "2001-08-31T04:00:00",
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"date": "2001-08-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-19T00:00:00",
"db": "VULHUB",
"id": "VHN-3869"
},
{
"date": "2009-07-11T07:56:00",
"db": "BID",
"id": "3236"
},
{
"date": "2017-12-19T02:29:32.067000",
"db": "NVD",
"id": "CVE-2001-1064"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco CBOS Multiple TCP Connection service denial vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200108-199"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…