CVE-2002-0886

Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.cisco.com/warp/public/707/CBOS-DoS.shtml
http://www.iss.net/security_center/static/9151.php	Patch Vendor Advisory
http://www.iss.net/security_center/static/9153.php
http://www.securityfocus.com/bid/4813	Patch Vendor Advisory
http://www.securityfocus.com/bid/4814
http://www.securityfocus.com/bid/4815
https://exchange.xforce.ibmcloud.com/vulnerabilities/9152

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:cbos:2.0.1:::::::*
	cpe:2.3:o:cisco:cbos:2.1.0:::::::*
	cpe:2.3:o:cisco:cbos:2.1.0a:::::::*
	cpe:2.3:o:cisco:cbos:2.2.0:::::::*
	cpe:2.3:o:cisco:cbos:2.2.1:::::::*
	cpe:2.3:o:cisco:cbos:2.2.1a:::::::*
	cpe:2.3:o:cisco:cbos:2.3:::::::*
	cpe:2.3:o:cisco:cbos:2.3.2:::::::*
	cpe:2.3:o:cisco:cbos:2.3.5:::::::*
	cpe:2.3:o:cisco:cbos:2.3.5.015:::::::*
	cpe:2.3:o:cisco:cbos:2.3.7:::::::*
	cpe:2.3:o:cisco:cbos:2.3.7.002:::::::*
	cpe:2.3:o:cisco:cbos:2.3.8:::::::*
	cpe:2.3:o:cisco:cbos:2.3.9:::::::*
	cpe:2.3:o:cisco:cbos:2.3_.053:::::::*
	cpe:2.3:o:cisco:cbos:2.4.1:::::::*
	cpe:2.3:o:cisco:cbos:2.4.2:::::::*
	cpe:2.3:o:cisco:cbos:2.4.2ap:::::::*
	cpe:2.3:o:cisco:cbos:2.4.2b:::::::*
	cpe:2.3:o:cisco:cbos:2.4.3:::::::*
	cpe:2.3:o:cisco:cbos:2.4.4:::::::*

History

No history.

Information

Published : 2002-10-04 04:00

Updated : 2023-12-10 10:17

NVD link : CVE-2002-0886

Mitre link : CVE-2002-0886

CVE.ORG link : CVE-2002-0886

JSON object : View

Products Affected

cisco

cbos

CWE

NVD-CWE-Other

{"id": "CVE-2002-0886", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-10-04T04:00:00.000", "references": [{"url": "http://www.cisco.com/warp/public/707/CBOS-DoS.shtml", "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/9151.php", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/9153.php", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4813", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4814", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4815", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9152", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory."}], "lastModified": "2017-07-11T01:29:12.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EE29F62-FF38-4951-B3CB-2B9102CB9291"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EEF0CEB-4CCF-46B1-99BC-8301CD422371"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.1.0a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A6E05A1-524C-441C-A4E2-F2E9DE62E82A"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3875EB7E-7D22-4C3D-80CD-A7E8A249E97F"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFD36C73-8CAC-4DDB-8A64-11DAC075D300"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.2.1a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC7E0234-23B5-41D4-A8B5-04C5BB881F3A"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2277233-E3EB-42F0-BB02-068E50A09265"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59C80FB5-35CC-4FE2-8C98-A560B7D5C479"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADC81B47-C744-4776-BFB6-AA70D35A4140"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.5.015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB66DFA6-089D-4200-87CB-AB1404A48EF2"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEFB61AC-25EE-46E4-9F34-70569EF74CFF"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.7.002:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E81CFA0E-04B7-406A-899B-157FC1862501"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4737C7E7-1E40-40F6-A6B3-4CE1465F4105"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A18E9CCC-D8EB-4778-B444-14314651CA9B"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3_.053:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6D52CBF-D6F7-47C1-81E6-714F50F5E6BC"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB7AF093-B5E2-4C4F-997B-5ECB5192A524"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8FFFBE5-EE4C-4A10-8D94-015438A39C76"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.2ap:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3BFEC03-6715-4821-8AA0-EF90E1D68DBF"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.2b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D7E7405D-78C0-4C31-A996-B1EF09EEA205"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDDEB295-B551-4D48-A542-1FC035C78F02"}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5094C442-AB4F-41C3-8C83-4B7CB6E2A980"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}