Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Vulnerability Scanning Software Can Trigger Reload of Cisco IOS Configuration
A vulnerability exists in Cisco’s IOS that can cause a configuration reload. Security scanning software making a TCP connection to ports 3100-3999, 5100-5999, 7100-7999, and 10100-10999 causes the router to unexpectedly reload.
Ken Pfeil
June 3, 2001
2 Min Read
Reported May 24, 2001, by CiscoSystems.
VERSIONS AFFECTED
AllCisco products using the Internetwork Operating System (IOS), including (but notlimited to):
800, 1000, 1005, 1400, 1600, 1700, 2500, 2600, 3600, MC3810, 4000, 4500, 4700, 6200, 6400 NRP, and 6400 NSP series Cisco routers
ubr900 and ubr920 universal broadband routers
Catalyst 2900 ATM, 2900XL, 2948g, 3500XL, 4232, 4840g, and 5000 RSFC series switches
5200, 5300, and 5800 series access servers
Catalyst 6000 MSM, 6000 Hybrid Mode, 6000 Native Mode, 6000 Supervisor Module, and Catalyst ATM Blade
RSM, 7000, 7010, 7100, 7200, ubr7200, 7500, 10000 ESR, and 12000 GSR series Cisco routers
DistributedDirector
Catalyst 8510CSR, 8510MSR, 8540CSR, and 8540MSR series switches
DESCRIPTION
Avulnerability exists in Cisco’s IOS that can cause a configuration reload.Security scanning software making a TCP connection to ports 3100-3999,5100-5999, 7100-7999, and 10100-10999 causes the router to unexpectedly reloadat the next show running-config, write memory, oraccess the configuration file. An attackercan’t configure Cisco IOS software to support any services that mightlisten at these port addresses, or acceptconnections on those ports. However, connection attempts to these ports in theaffected version can cause memory corruption, later leading to an unexpectedreload.
VENDOR RESPONSE
Ciscohas issued a noticeregarding this vulnerability.
CREDIT
Discovered by Cisco.
About the Author
You May Also Like
.png?width=700&auto=webp&quality=80&disable=upscale)