Denial of Service Vulnerability in Cisco DSL CPE Devices
CVE-2002-0886

Currently unrated

Key Information:

Vendor: Cisco
Status: Cbos
Vendor: CVE Published:; 4 October 2002

Summary

Cisco DSL CPE devices operating with CBOS version 2.4.4 and prior are susceptible to a denial of service vulnerability. By sending a large packet to either the DHCP or Telnet ports, or by flooding the device with large packets, attackers can exploit the TCP/IP stack. This exploitation leads to excessive memory consumption, potentially resulting in the device becoming unresponsive. Organizations using these devices should consider applying the recommended patches and implementing preventive security measures.

References

http://www.cisco.com/warp/public/707/CBOS-DoS.shtml

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/4813

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/9152

vdb-entryx_refsource_XF

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 16, 2002