CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
82.5%
A vulnerability in Cisco CatOS may allow a remote attacker to cause a denial of service on an affected device.
Cisco’s CatOS is an operating system that runs on some Cisco Catalyst switch products. A vulnerability in the way that TCP services on CatOS handle malformed connection attempts may allow a remote attacker to cause a denial of service on an affected device. According to the Cisco advisory on this issue:
A TCP-ACK DoS attack is conducted by not sending the regular final ACK required for a 3-way TCP handshake to complete, and instead sending an invalid response to move the connection to an invalid TCP state. This attack can be initiated from a remote spoofed source.
Cisco states that any of the supported externally-facing TCP services supported on CatOS, i.e.,Telnet, SSH, or HTTP, may be used to exploit this vulnerability.
A remote attacker may cause the affected devices to stop functioning and reload.
Apply a patch from the vendor
Upgraded versions of the software that include fixes for this vulnerability are available. Please see the Cisco advisory for more details.
Workarounds
In addition to patched versions of the affected software, Cisco has published several workarounds in their advisory. Sites, particularly those that are unable to apply the patches, are encouraged to consider implementing these workarounds.
245190
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: June 09, 2004 Updated: June 09, 2004
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Cisco Systems, Inc. has published Cisco Security Advisory cisco-sa-20040609-catos in response to this issue. Users are encouraged to review this advisory and apply the updated software it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23245190 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
<http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml>
Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.
This document was written by Chad R Dougherty based on information provided by Cisco Systems.
CVE IDs: | CVE-2004-0551 |
---|---|
Severity Metric: | 4.50 Date Public: |