CVE-2002-0886
First published: Sat Aug 31 2002(Updated: )
Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco CBOS | =2.3.9 | |
| Cisco CBOS | =2.2.1a | |
| Cisco CBOS | =2.2.1 | |
| Cisco CBOS | =2.0.1 | |
| Cisco CBOS | =2.1.0a | |
| Cisco CBOS | =2.4.3 | |
| Cisco CBOS | =2.3.5.015 | |
| Cisco CBOS | =2.4.1 | |
| Cisco CBOS | =2.3 | |
| Cisco CBOS | =2.3_.053 | |
| Cisco CBOS | =2.4.4 | |
| Cisco CBOS | =2.4.2ap | |
| Cisco CBOS | =2.1.0 | |
| Cisco CBOS | =2.3.2 | |
| Cisco CBOS | =2.3.5 | |
| Cisco CBOS | =2.2.0 | |
| Cisco CBOS | =2.4.2 | |
| Cisco CBOS | =2.3.7 | |
| Cisco CBOS | =2.3.7.002 | |
| Cisco CBOS | =2.4.2b | |
| Cisco CBOS | =2.3.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/4813
- http://www.iss.net/security_center/static/9151.php
- http://www.cisco.com/warp/public/707/CBOS-DoS.shtml
- http://www.securityfocus.com/bid/4814
- http://www.securityfocus.com/bid/4815
- http://www.iss.net/security_center/static/9153.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9152
Frequently Asked Questions
What is the severity of CVE-2002-0886?
The severity of CVE-2002-0886 is considered critical due to its ability to cause denial of service.
How do I fix CVE-2002-0886?
To fix CVE-2002-0886, upgrade your Cisco DSL CPE devices to a version later than CBOS 2.4.4.
What are the affected devices for CVE-2002-0886?
CVE-2002-0886 affects Cisco DSL CPE devices running CBOS versions 2.4.4 and earlier.
What types of attacks are associated with CVE-2002-0886?
CVE-2002-0886 allows attacks through large packets sent to the DHCP and Telnet ports, leading to resource exhaustion.
Can CVE-2002-0886 be exploited remotely?
Yes, CVE-2002-0886 can be exploited remotely by sending specially crafted packets to the affected devices.
- agent/remedy
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco cbos
- version/cisco cbos/2.3.9
- version/cisco cbos/2.2.1a
- version/cisco cbos/2.2.1
- version/cisco cbos/2.0.1
- version/cisco cbos/2.1.0a
- version/cisco cbos/2.4.3
- version/cisco cbos/2.3.5.015
- version/cisco cbos/2.4.1
- version/cisco cbos/2.3
- version/cisco cbos/2.3_.053
- version/cisco cbos/2.4.4
- version/cisco cbos/2.4.2ap
- version/cisco cbos/2.1.0
- version/cisco cbos/2.3.2
- version/cisco cbos/2.3.5
- version/cisco cbos/2.2.0
- version/cisco cbos/2.4.2
- version/cisco cbos/2.3.7
- version/cisco cbos/2.3.7.002
- version/cisco cbos/2.4.2b
- version/cisco cbos/2.3.8