Vulnerability CVE-2000-0268


Published: 2000-04-20   Modified: 2012-02-12

Description:
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot.

Vendor: Cisco
Product: Accesspath 
Version:
vs-3
ts-3
ls-3
Product: IOS 
Version:
12.0(7)t
12.0(6)
12.0(5)
12.0(4)t
12.0(4)s
12.0(4)
12.0(3)t2
12.0(2)xg
12.0(2)xf
12.0(2)xd
12.0(2)xc
12.0(2)
11.3aa
Product: As5800 
Product: Voice gateway as5800 
Product: 3660 router 
Product: 7200 router 
Product: As5300 
Product: Ubr7200 
Product: System controller 3640 
Product: 7100 router 
Product: As5200 
Product: 7500 router 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.cisco.com/warp/public/707/iostelnetopt-pub.shtml
http://www.securityfocus.com/bid/1123
http://www.osvdb.org/1289

Related CVE
CVE-2018-0364
A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected de...
CVE-2018-0362
A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute a...
CVE-2018-0310
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the aff...
CVE-2018-0305
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability exists becau...
CVE-2018-0314
A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability exists because the affecte...
CVE-2018-0312
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The v...
CVE-2018-0308
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The vulnerability exists be...
CVE-2018-0304
A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary ...

Copyright 2018, cxsecurity.com

 

Back to Top