Cisco IOS Software TELNET Option Handling Vulnerability
BID:1123
Info
Cisco IOS Software TELNET Option Handling Vulnerability
| Bugtraq ID: | 1123 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 20 2000 12:00AM |
| Updated: | Apr 20 2000 12:00AM |
| Credit: | This vulnerability was originally discovered with a version of CyberCop Scanner from Network Associates. The public release of this information was in a Cisco security advisory posted to the Bugtraq mailing list on April 19, 2000. |
| Vulnerable: |
Cisco Voice Gateway AS5800 Cisco System Controller SC3640 Cisco IOS 12.0.7 Cisco IOS 12.0.6 Cisco IOS 12.0.5 Cisco IOS 12.0.4 T Cisco IOS 12.0.4 S Cisco IOS 12.0.4 Cisco IOS 12.0.3 T2 Cisco IOS 12.0.2 XG Cisco IOS 12.0.2 XF Cisco IOS 12.0.2 XD Cisco IOS 12.0.2 XC Cisco IOS 12.0.2 Cisco IOS 11.3AA Cisco Cable Router ubr7200 Cisco AccessPath VS-3 Cisco AccessPath TS-3 Cisco AccessPath LS-3 Cisco Access Server AS5800 Cisco Access Server AS5300 Cisco Access Server AS5200 Cisco 7500 Cisco 7200 Cisco 7100 |
| Not Vulnerable: | |
Discussion
Cisco IOS Software TELNET Option Handling Vulnerability
Certain versions of Cisco's IOS software have a vulnerability in the Telnet Environment handling code. In particular if a certain option (ENVIRON) is passed to the Cisco IOS Telnet Daemon it will cause IOS to reload itself thereby rebooting the device it is bootstrapped on. This attack can be launched repeatedly thereby effecting a Denial of Service attack.
Certain versions of Cisco's IOS software have a vulnerability in the Telnet Environment handling code. In particular if a certain option (ENVIRON) is passed to the Cisco IOS Telnet Daemon it will cause IOS to reload itself thereby rebooting the device it is bootstrapped on. This attack can be launched repeatedly thereby effecting a Denial of Service attack.
Exploit / POC
Cisco IOS Software TELNET Option Handling Vulnerability
There are multiple publicly available security scanners and tools available to carry out this attack.
There are multiple publicly available security scanners and tools available to carry out this attack.
Solution / Fix
Cisco IOS Software TELNET Option Handling Vulnerability
Solution:
The solution for this problem is provided in great detail in the Cisco security advisory on this issue. The advisory is attached in the 'Credit' section please use it as your reference.
Solution:
The solution for this problem is provided in great detail in the Cisco security advisory on this issue. The advisory is attached in the 'Credit' section please use it as your reference.
References
Cisco IOS Software TELNET Option Handling Vulnerability
References:
References:
- Cisco Product Security Incident Response (Cisco Systems)