Vulnerability Description
Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Catos | 2.1\(1\) |
| Cisco | Catalyst 2901 | All versions |
| Cisco | Catalyst 2902 | All versions |
| Cisco | Catalyst 2926 | All versions |
| Cisco | Catalyst 2926F | All versions |
| Cisco | Catalyst 2926Gl | All versions |
| Cisco | Catalyst 2926Gs | All versions |
| Cisco | Catalyst 2926T | All versions |
| Cisco | Catalyst 2948 | All versions |
| Cisco | Catalyst 2948-Ge-Tx | All versions |
| Cisco | Catalyst 2948G-L3 | All versions |
| Cisco | Catalyst 2980G | All versions |
| Cisco | Catalyst 2980G-A | All versions |
| Cisco | Catalyst 4000 | All versions |
| Cisco | Catalyst 4500 | All versions |
| Cisco | Catalyst 4503 | All versions |
| Cisco | Catalyst 4506 | All versions |
| Cisco | Catalyst 4507R | All versions |
| Cisco | Catalyst 4510R | All versions |
| Cisco | Catalyst 4912G | All versions |
References
- http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml
- http://www.kb.cert.org/vuls/id/245190Third Party AdvisoryUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16370
- http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml
- http://www.kb.cert.org/vuls/id/245190Third Party AdvisoryUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16370
FAQ
What is CVE-2004-0551?
CVE-2004-0551 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid ...
How severe is CVE-2004-0551?
CVE-2004-0551 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0551?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Catos, Cisco Catalyst 2901, Cisco Catalyst 2902, Cisco Catalyst 2926, Cisco Catalyst 2926F.