medium
5
CWE
NVD-CWE-Other
Advisory Published
CVE Published
Updated

CVE-2004-1454

First published: Fri Dec 31 2004(Updated: )

Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Puppet Cisco IOS=12.0\(22\)s
Puppet Cisco IOS=12.0\(22\)s4
Puppet Cisco IOS=12.0\(22\)s5
Puppet Cisco IOS=12.0\(22\)sy
Puppet Cisco IOS=12.0\(23\)sx
Puppet Cisco IOS=12.0\(23\)sz
Puppet Cisco IOS=12.2\(11\)yu
Puppet Cisco IOS=12.2\(11\)yv
Puppet Cisco IOS=12.2\(13\)zd
Puppet Cisco IOS=12.2\(13\)ze
Puppet Cisco IOS=12.2\(13\)zf
Puppet Cisco IOS=12.2\(13\)zg
Puppet Cisco IOS=12.2\(13\)zh
Puppet Cisco IOS=12.2\(14\)sz
Puppet Cisco IOS=12.2\(14\)sz1
Puppet Cisco IOS=12.2\(14\)sz2
Puppet Cisco IOS=12.2\(15\)b
Puppet Cisco IOS=12.2\(15\)bc
Puppet Cisco IOS=12.2\(15\)bc1
Puppet Cisco IOS=12.2\(15\)bx
Puppet Cisco IOS=12.2\(15\)bz
Puppet Cisco IOS=12.2\(15\)cx
Puppet Cisco IOS=12.2\(15\)mc1
Puppet Cisco IOS=12.2\(15\)t
Puppet Cisco IOS=12.2\(15\)t5
Puppet Cisco IOS=12.2\(15\)zj
Puppet Cisco IOS=12.2\(15\)zj1
Puppet Cisco IOS=12.2\(15\)zj2
Puppet Cisco IOS=12.2\(15\)zj3
Puppet Cisco IOS=12.2\(15\)zk
Puppet Cisco IOS=12.2\(15\)zl
Puppet Cisco IOS=12.2\(15\)zl1
Puppet Cisco IOS=12.2\(15\)zn
Puppet Cisco IOS=12.2\(15\)zo
Puppet Cisco IOS=12.2\(18\)ew
Puppet Cisco IOS=12.2\(18\)s
Puppet Cisco IOS=12.2\(18\)se
Puppet Cisco IOS=12.2\(18\)sv
Puppet Cisco IOS=12.2\(18\)sw
Puppet Cisco IOS=12.3
Puppet Cisco IOS=12.3\(1a\)
Puppet Cisco IOS=12.3\(2\)t3
Puppet Cisco IOS=12.3\(2\)xc1
Puppet Cisco IOS=12.3\(2\)xc2
Puppet Cisco IOS=12.3\(2\)xc3
Puppet Cisco IOS=12.3\(3e\)
Puppet Cisco IOS=12.3\(4\)eo1
Puppet Cisco IOS=12.3\(4\)t
Puppet Cisco IOS=12.3\(4\)t1
Puppet Cisco IOS=12.3\(4\)t2
Puppet Cisco IOS=12.3\(4\)t3
Puppet Cisco IOS=12.3\(4\)t4
Puppet Cisco IOS=12.3\(4\)xd
Puppet Cisco IOS=12.3\(4\)xd1
Puppet Cisco IOS=12.3\(4\)xd2
Puppet Cisco IOS=12.3\(4\)xg1
Puppet Cisco IOS=12.3\(4\)xh
Puppet Cisco IOS=12.3\(4\)xk
Puppet Cisco IOS=12.3\(4\)xq
Puppet Cisco IOS=12.3\(5\)
Puppet Cisco IOS=12.3\(5\)b1
Puppet Cisco IOS=12.3\(5a\)
Puppet Cisco IOS=12.3\(5a\)b
Puppet Cisco IOS=12.3\(5b\)
Puppet Cisco IOS=12.3\(5c\)
Puppet Cisco IOS=12.3\(6\)
Puppet Cisco IOS=12.3\(6a\)
Puppet Cisco IOS=12.3\(7\)t
Puppet Cisco IOS=12.3\(7.7\)
Puppet Cisco IOS=12.3\(9\)
Puppet Cisco IOS=12.3b
Puppet Cisco IOS=12.3bw
Puppet Cisco IOS=12.3t
Puppet Cisco IOS=12.3xa
Puppet Cisco IOS=12.3xb
Puppet Cisco IOS=12.3xc
Puppet Cisco IOS=12.3xe

Remedy

http://www.kb.cert.org/vuls/id/989406

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2004-1454?

    CVE-2004-1454 is classified as a high severity vulnerability due to its potential to cause denial of service by device reload.

  • How do I fix CVE-2004-1454?

    To fix CVE-2004-1454, upgrade to a fixed version of Cisco IOS that addresses this vulnerability.

  • What devices are affected by CVE-2004-1454?

    CVE-2004-1454 affects multiple versions of Cisco IOS 12.0S, 12.2, and 12.3 with OSPF enabled.

  • What type of attack does CVE-2004-1454 involve?

    CVE-2004-1454 involves an attack that sends a malformed OSPF packet to trigger a device reload, causing denial of service.

  • Can CVE-2004-1454 be exploited remotely?

    Yes, CVE-2004-1454 can be exploited remotely, allowing attackers to trigger a denial of service from a distance.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203