Cisco Denial of Service Vulnerability

vendor:

IOS

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: IOS

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Cisco routers in the AGS/MGS/CGS/AGS+, IGS, RSM, 8xx, ubr9xx, 1xxx, 25xx, 26xx, 30xx, 36xx, 38xx, 40xx, 45xx, 47xx, AS52xx, AS53xx, AS58xx, 64xx, 70xx, 72xx (including the ubr72xx), 75xx, and 12xxx series, Recent versions of LS1010 ATM switch, Catalyst 2900XL LAN switch, Cisco DitributedDirector.

2002

Cisco Denial of Service Vulnerability

Cisco devices running classic IOS are reported prone to a denial of service vulnerability. The issue occurs when a vulnerable device receives and processes a UDP packet on UDP port 514 for syslog. This issue results in a crash or hang requiring a reboot.

Mitigation:

Disable UDP port 514 on the Cisco device or upgrade to a non-vulnerable version of IOS.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/675/info

Cisco devices running classic IOS are reported prone to a denial of service vulnerability. The issue occurs when a vulnerable device receives and processes a UDP packet on UDP port 514 for syslog. This issue results in a crash or hang requiring a reboot.

Vulnerable IOS software may be found on the following Cisco devices:

- Cisco routers in the AGS/MGS/CGS/AGS+, IGS, RSM, 8xx, ubr9xx, 1xxx, 25xx, 26xx, 30xx, 36xx, 38xx, 40xx, 45xx, 47xx, AS52xx, AS53xx, AS58xx, 64xx, 70xx, 72xx (including the ubr72xx), 75xx, and 12xxx series.
-Recent versions of LS1010 ATM switch.
-Catalyst 2900XL LAN switch.
-Cisco DitributedDirector. 

nmap -sU -p514 <IP-of-Cisco-device>