Cisco Telnet Denial of Service Vulnerability - Cisco Systems

medium Nessus Plugin ID 48977

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

A specially crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Data Link Switching (DLSw) and protocol translation connections may also be affected.

Solution

Apply the relevant patch referenced in Cisco Security Advisory cisco-sa-20040827-telnet.

See Also

http://www.nessus.org/u?65c4140e

http://www.nessus.org/u?ec31b274

Plugin Details

Severity: Medium

ID: 48977

File Name: cisco-sa-20040827-telnethttp.nasl

Version: 1.16

Type: local

Family: CISCO

Published: 9/1/2010

Updated: 5/20/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2004-1464

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Host/Cisco/IOS/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/27/2004

Vulnerability Publication Date: 8/27/2004

CISA Known Exploited Vulnerability Due Dates: 6/9/2023

Reference Information

CVE: CVE-2004-1464

BID: 11060

CERT: 384230

CISCO-SA: cisco-sa-20040827-telnet

CISCO-BUG-ID: CSCef46191