Details of VAR-200210-0188

ID

VAR-200210-0188

CVE

CVE-2002-0886

TITLE

Cisco CBOS Oversized packet leads DHCP Denial of service attack vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200210-028

DESCRIPTION

Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. When the CBOS TCP/IP stack is forced to process a high number of unusually large packets, it will consume all memory. This will cause the router to freeze and stop forwarding packets. CBOS (Cisco Broadband Operating System) is the operating system for Cisco 600 series routers. It is possible for a remote user to cause a denial of service of a CPE running CBOS software 2.4.4 and prior. Sending an unusually large packet to the telnet port will exploit this issue. The following devices in the Cisco 600 series of routers are affected by this issue: 605, 626, 627, 633, 673, 675, 675e, 676, 677, 677i and 678. This vulnerability has been assigned Cisco Bug ID CSCdv50135. CBOS does not correctly process the information packets submitted to the DHCP server, which can lead to denial of service attacks by remote attackers. The vulnerability number is: CSCdw90020

Trust: 1.8

sources: NVD: CVE-2002-0886 // BID: 4815 // BID: 4814 // BID: 4813 // VULHUB: VHN-5277

AFFECTED PRODUCTS

vendor:	cisco	model:	cbos	scope:	eq	version:	2.4.4	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.4.3	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.4.2	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.4.1	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.9	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.8	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.7.002	Trust: 2.5
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.7	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.5.015	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.5	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.2	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.2.1	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.0.1	Trust: 1.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3_.053	Trust: 1.6
vendor:	cisco	model:	cbos	scope:	eq	version:	2.4.2ap	Trust: 1.6
vendor:	cisco	model:	cbos	scope:	eq	version:	2.4.2b	Trust: 1.6
vendor:	cisco	model:	cbos	scope:	eq	version:	2.2.1a	Trust: 1.0
vendor:	cisco	model:	cbos	scope:	eq	version:	2.1.0a	Trust: 1.0
vendor:	cisco	model:	cbos	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	cisco	model:	cbos	scope:	eq	version:	2.1.0	Trust: 1.0
vendor:	cisco	model:	cbos b	scope:	eq	version:	2.4.2	Trust: 0.9
vendor:	cisco	model:	cbos ap	scope:	eq	version:	2.4.2	Trust: 0.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.3.053	Trust: 0.9
vendor:	cisco	model:	cbos a	scope:	eq	version:	2.2.1	Trust: 0.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.2	Trust: 0.9
vendor:	cisco	model:	cbos a	scope:	eq	version:	2.1	Trust: 0.9
vendor:	cisco	model:	cbos	scope:	eq	version:	2.1	Trust: 0.9
vendor:	cisco	model:	cbos	scope:	ne	version:	2.4.5	Trust: 0.9

sources: BID: 4815 // BID: 4814 // BID: 4813 // CNNVD: CNNVD-200210-028 // NVD: CVE-2002-0886

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-0886
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200210-028
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-5277
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2002-0886
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-5277
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-5277 // CNNVD: CNNVD-200210-028 // NVD: CVE-2002-0886

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-0886

THREAT TYPE

network

Trust: 0.9

sources: BID: 4815 // BID: 4814 // BID: 4813

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.9

sources: BID: 4815 // BID: 4814 // BID: 4813

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-5277

EXTERNAL IDS

db:	BID	id:	4813	Trust: 2.0
db:	BID	id:	4814	Trust: 2.0
db:	BID	id:	4815	Trust: 2.0
db:	NVD	id:	CVE-2002-0886	Trust: 2.0
db:	CNNVD	id:	CNNVD-200210-028	Trust: 0.7
db:	XF	id:	9151	Trust: 0.6
db:	XF	id:	9152	Trust: 0.6
db:	XF	id:	9153	Trust: 0.6
db:	CISCO	id:	20020523 CBOS - IMPROVING RESILIENCE TO DENIAL-OF-SERVICE ATTACKS	Trust: 0.6
db:	SEEBUG	id:	SSVID-75298	Trust: 0.1
db:	EXPLOIT-DB	id:	21472	Trust: 0.1
db:	VULHUB	id:	VHN-5277	Trust: 0.1

sources: VULHUB: VHN-5277 // BID: 4815 // BID: 4814 // BID: 4813 // CNNVD: CNNVD-200210-028 // NVD: CVE-2002-0886

REFERENCES

url:	http://www.securityfocus.com/bid/4813	Trust: 2.7
url:	http://www.securityfocus.com/bid/4814	Trust: 2.7
url:	http://www.securityfocus.com/bid/4815	Trust: 2.7
url:	http://www.cisco.com/warp/public/707/cbos-dos.shtml	Trust: 2.7
url:	http://www.iss.net/security_center/static/9151.php	Trust: 2.7
url:	http://www.iss.net/security_center/static/9153.php	Trust: 2.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/9152	Trust: 2.1
url:	http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html	Trust: 0.9
url:	http://xforce.iss.net/xforce/xfdb/9152	Trust: 0.6

sources: VULHUB: VHN-5277 // BID: 4815 // BID: 4814 // BID: 4813 // CNNVD: CNNVD-200210-028 // NVD: CVE-2002-0886

CREDITS

Discovery of this issue is credited to Knud Erik Højgaard from Cybercity, Denmark.

Trust: 0.6

sources: BID: 4814 // BID: 4813

SOURCES

db:	VULHUB	id:	VHN-5277
db:	BID	id:	4815
db:	BID	id:	4814
db:	BID	id:	4813
db:	CNNVD	id:	CNNVD-200210-028
db:	NVD	id:	CVE-2002-0886

LAST UPDATE DATE

2024-11-22T23:12:09.998000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-5277	date:	2017-07-11T00:00:00
db:	BID	id:	4815	date:	2002-05-23T00:00:00
db:	BID	id:	4814	date:	2002-05-23T00:00:00
db:	BID	id:	4813	date:	2009-07-11T12:46:00
db:	CNNVD	id:	CNNVD-200210-028	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2002-0886	date:	2024-11-20T23:40:06.667

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-5277	date:	2002-10-04T00:00:00
db:	BID	id:	4815	date:	2002-05-23T00:00:00
db:	BID	id:	4814	date:	2002-05-23T00:00:00
db:	BID	id:	4813	date:	2002-05-23T00:00:00
db:	CNNVD	id:	CNNVD-200210-028	date:	2002-05-23T00:00:00
db:	NVD	id:	CVE-2002-0886	date:	2002-10-04T04:00:00