Cisco Catalyst Series Switch Denial of Service Vulnerability

vendor:

Catalyst Series Switch

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: Catalyst Series Switch

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: No

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

Cisco Catalyst Series Switch Denial of Service Vulnerability

A problem with the switch firmware could allow a Denial of Service to legitimate users of network resources. Upon booting the switch with SNMP disabled, the service does not handle normal requests. However, by sending an empty UDP packet to the SNMP port, the switch ceases operating.

Mitigation:

Enabling SNMP on the switch will prevent this attack.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2689/info

The Catalyst series switch is a scalable, high performance layers 2 and 3 switch manufactured by Cisco Systems. The Catalyst series ranges in size, and is designed for use in organizations sized from small business to large enterprise.

A problem with the switch firmware could allow a Denial of Service to legitimate users of network resources. Upon booting the switch with SNMP disabled, the service does not handle normal requests. However, by sending an empty UDP packet to the SNMP port, the switch ceases operating.

This problem makes it possible for a remote user to deny service to legitimate users of the switch.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/20824.tgz