Vulnerability Description
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | IOS | 12.2(14)sz |
| Cisco | Multiservice Platform 2650 | All versions |
| Cisco | Multiservice Platform 2650Xm | All versions |
| Cisco | Multiservice Platform 2651 | All versions |
| Cisco | Multiservice Platform 2651Xm | All versions |
| Cisco | 7200 Router | All versions |
| Cisco | 7300 Router | All versions |
| Cisco | 7500 Router | All versions |
| Cisco | 7600 Router | All versions |
| Cisco | Catalyst 7600 | All versions |
References
- http://www.ciac.org/ciac/bulletins/p-034.shtml
- http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml
- http://www.kb.cert.org/vuls/id/630104 (Third Party Advisory, US Government Resource)
- http://www.us-cert.gov/cas/techalerts/TA04-316A.html (US Government Resource)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18021
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2004-1111?
CVE-2004-1111 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue inst...
How severe is CVE-2004-1111?
CVE-2004-1111 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2004-1111?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco IOS, Cisco Multiservice Platform 2650, Cisco Multiservice Platform 2650Xm, Cisco Multiservice Platform 2651, Cisco Multiservice Platform 2651Xm.