TUCoPS :: Cisco :: cisc5366.htm

Cisco Broadband Operating System (CBOS) multiple DoS
24th May 2002 [SBWID-5366]
COMMAND

	Cisco Broadband Operating System (CBOS) multiple DoS

SYSTEMS AFFECTED

	All Cisco DSL CPE devices from the 600 family running CBOS  software  up
	to and including 2.4.4

PROBLEM

	Cisco released an advisory  detailing  multiple  DoS  attacks  on  those
	systems, credit goes to : Knud Erik Højgaard from Cybercity, Denmark.
	

	

	 1. DHCP DoS

	 ===========

	

	The DHCP service can crash if \"large packets\" gets send to it.
	

	

	 2. Telnet DoS

	 =============

	

	The Telnet service can crash if \"large packets\" gets send to  it.  (no
	need to autheticate).
	

	

	 3. Routing DoS

	 ==============

	

	Sending a big amount of \"large packets\" to  the  device  adress,  will
	ultimately freeze the device.

SOLUTION

	You may want to disable telnet and dhcp, however  the  device  is  still
	vulnerable.
	

	Get the patches as described :
	

	http://www.cisco.com/warp/public/707/CBOS-DoS.shtml

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH