Info

Disclosure

Dec 15, 1997

Discovery

Dec 11, 1997

Dates

Exploit

Unknown

Solution

Unknown

Description

IOS/700 contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker uses a very long password string during telnet login, and will result in loss of availability for the platform.

Classification

Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability

Solution

Upgrade to version 4.1(2.1) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Cisco Systems, Inc.	IOS/700	4.1
		4.1(1)
		4.1(2)

References

CVE ID: 1999-0230 (see also: NVD)
ISS X-Force ID: 2374 699
Bugtraq ID: 704
Other Advisory URL: http://archives.neohapsis.com/archives/bugtraq/1997_4/0453.html
Vendor Specific Advisory URL: http://www.cisco.com/warp/public/770/pwbuf-pub.shtml
CIAC Advisory: i-020

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/1102

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Cisco Systems, Inc.

IOS/700

References

Credit