Reported August 27, 2004, by Cisco
Systems
VERSIONS AFFECTED
- All Cisco Systems' Internetwork
Operating System (IOS)-based products running Telnet or reverse Telnet
|
DESCRIPTION
A Denial of Service (DoS) condition exists in all Cisco IOS-based products that
use Telnet or reverse Telnet. A specifically crafted TCP connection to a Telnet
or reverse Telnet port of a Cisco Systems' device that's running IOS might
block further Telnet, reverse Telnet, remote shell (Rsh), Secure Shell (SSH),
and in some cases HTTP access to the device.
VENDOR RESPONSE
Cisco Systems has released
Security Advisory 61671, "Cisco Telnet Denial of Service Vulnerability,"
to address the vulnerability and recommends that affected users immediately
apply the appropriate patch available via normal update channels.
CREDIT
Discovered by Cisco Systems.