Cisco IOS Software TELNET Option Handling Vulnerability

BID:1123

Info

Cisco IOS Software TELNET Option Handling Vulnerability

Bugtraq ID: 1123
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 20 2000 12:00AM
Updated: Apr 20 2000 12:00AM
Credit: This vulnerability was originally discovered with a version of CyberCop Scanner from Network Associates. The public release of this information was in a Cisco security advisory posted to the Bugtraq mailing list on April 19, 2000.
Vulnerable: Cisco Voice Gateway AS5800
Cisco System Controller SC3640
Cisco IOS 12.0.7
Cisco IOS 12.0.6
Cisco IOS 12.0.5
Cisco IOS 12.0.4 T
Cisco IOS 12.0.4 S
Cisco IOS 12.0.4
Cisco IOS 12.0.3 T2
Cisco IOS 12.0.2 XG
Cisco IOS 12.0.2 XF
Cisco IOS 12.0.2 XD
Cisco IOS 12.0.2 XC
Cisco IOS 12.0.2
Cisco IOS 11.3AA
Cisco Cable Router ubr7200
Cisco AccessPath VS-3
Cisco AccessPath TS-3
Cisco AccessPath LS-3
Cisco Access Server AS5800
Cisco Access Server AS5300
Cisco Access Server AS5200
Cisco 7500
Cisco 7200
Cisco 7100
Not Vulnerable:

Discussion

Cisco IOS Software TELNET Option Handling Vulnerability

Certain versions of Cisco's IOS software have a vulnerability in the Telnet Environment handling code. In particular if a certain option (ENVIRON) is passed to the Cisco IOS Telnet Daemon it will cause IOS to reload itself thereby rebooting the device it is bootstrapped on. This attack can be launched repeatedly thereby effecting a Denial of Service attack.

Exploit / POC

Cisco IOS Software TELNET Option Handling Vulnerability

There are multiple publicly available security scanners and tools available to carry out this attack.

Solution / Fix

Cisco IOS Software TELNET Option Handling Vulnerability

Solution:
The solution for this problem is provided in great detail in the Cisco security advisory on this issue. The advisory is attached in the 'Credit' section please use it as your reference.

References

Cisco IOS Software TELNET Option Handling Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report