CVE-2004-1111
First published: Wed Dec 01 2004(Updated: )
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Catalyst 7600 Series | ||
| Cisco 7600 Router | ||
| Cisco 7200 | ||
| Cisco 7500 Router | ||
| Cisco 7300 Router | ||
| Cisco IOS | =12.2\(14\)sz | |
| Cisco IOS | =12.2\(18\)ew | |
| Cisco IOS | =12.2\(18\)ewa | |
| Cisco IOS | =12.2\(18\)s | |
| Cisco IOS | =12.2\(18\)se | |
| Cisco IOS | =12.2\(18\)sv | |
| Cisco IOS | =12.2\(18\)sw | |
| Cisco IOS | =12.2\(20\)ew | |
| Cisco Multiservice Platform 2650XM | ||
| Cisco Multiservice Platform 2650XM | ||
| Cisco Multiservice Platform 2651 | ||
| Cisco Multiservice Platform 2651XM |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/630104
- http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml
- http://www.ciac.org/ciac/bulletins/p-034.shtml
- http://www.us-cert.gov/cas/techalerts/TA04-316A.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18021
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632
Frequently Asked Questions
What is the severity of CVE-2004-1111?
CVE-2004-1111 has a medium severity rating as it can lead to a denial of service affecting network traffic.
How do I fix CVE-2004-1111?
To mitigate CVE-2004-1111, you can apply the "no service dhcp" command in the affected Cisco IOS configuration.
Which software versions are affected by CVE-2004-1111?
CVE-2004-1111 affects multiple Cisco IOS versions, including 12.2(14)SZ, 12.2(18)EW, and 12.2(18)SW among others.
Can CVE-2004-1111 be exploited remotely?
Yes, CVE-2004-1111 can be exploited by remote attackers to cause denial of service.
Is there a workaround for CVE-2004-1111?
The primary workaround for CVE-2004-1111 is to disable DHCP services on the affected Cisco devices.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco catalyst 7600 series
- canonical/cisco 7600 router
- canonical/cisco 7200
- canonical/cisco 7500 router
- canonical/cisco 7300 router
- canonical/cisco ios
- version/cisco ios/12.2\(14\)sz
- version/cisco ios/12.2\(18\)ew
- version/cisco ios/12.2\(18\)ewa
- version/cisco ios/12.2\(18\)s
- version/cisco ios/12.2\(18\)se
- version/cisco ios/12.2\(18\)sv
- version/cisco ios/12.2\(18\)sw
- version/cisco ios/12.2\(20\)ew
- canonical/cisco multiservice platform 2650xm
- canonical/cisco multiservice platform 2651
- canonical/cisco multiservice platform 2651xm