CVE-2002-0813

Cisco Ios - Memory Corruption

Title source: rule

Description

Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.

Exploits (1)

exploitdb WORKING POC VERIFIED

by FX · cdoshardware

https://www.exploit-db.com/exploits/21655

View Code ZIP pw:eip

References (6)

[Vendor Advisory] http://online.securityfocus.com/archive/1/284634

[Patch, Vendor Advisory] http://www.cisco.com/warp/public/707/ios-tftp-long-filename-pub.shtml

[Third Party Advisory] http://www.iss.net/security_center/static/9700.php

[Mailing List] http://marc.info/?l=bugtraq&m=103002169829669&w=2

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5328

[Third Party Advisory, VDB Entry] http://www.osvdb.org/854

Scores

EPSS 0.1005

EPSS Percentile 93.1%

Details

CWE

CWE-119

Status published

Products (3)

cisco/ios 11.1

cisco/ios 11.2

cisco/ios 11.3

Published Aug 12, 2002

Tracked Since Feb 18, 2026