CVE-2004-1111

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/01/2005
Last modified:
03/04/2025

Description

Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:cisco:ios:12.2\(14\)sz:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)ew:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)ewa:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)s:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)se:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)sv:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(18\)sw:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2\(20\)ew:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*