Cisco IOS DHCP Blocked Interface Denial-of-Service - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

Cisco IOS devices running branches of Cisco IOS version 12.2S that
have Dynamic Host Configuration Protocol (DHCP) server or relay agent
enabled, even if not configured, are vulnerable to a denial of service
where the input queue becomes blocked when receiving specifically
crafted DHCP packets. Cisco is providing free fixed software to address
this issue. There are also workarounds to mitigate this vulnerability.
This issue was introduced by the fix included in CSCdx46180 and is
being tracked by Cisco Bug ID CSCee50294.

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

Medium / CVSS Base Score : 5.0

Family: CISCO

Nessus Plugin ID: 48978 (cisco-sa-20041110-dhcphttp.nasl)

Bugtraq ID:

CVE ID: CVE-2004-1111

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now