CVE-2002-0886

Cisco Cbos - Denial of Service

Title source: rule

Description

Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.

Exploits (1)

exploitdb WORKING POC VERIFIED

by blackangels · perldoshardware

https://www.exploit-db.com/exploits/21472

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://www.cisco.com/warp/public/707/CBOS-DoS.shtml

[Patch, Vendor Advisory] http://www.securityfocus.com/bid/4813

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/9152

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4814

[Third Party Advisory] http://www.iss.net/security_center/static/9153.php

[Patch, Vendor Advisory] http://www.iss.net/security_center/static/9151.php

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/4815

Scores

EPSS 0.2261

EPSS Percentile 95.9%

Details

Status published

Products (21)

cisco/cbos 2.0.1

cisco/cbos 2.1.0

cisco/cbos 2.1.0a

cisco/cbos 2.2.0

cisco/cbos 2.2.1

cisco/cbos 2.2.1a

cisco/cbos 2.3

cisco/cbos 2.3.2

cisco/cbos 2.3.5

cisco/cbos 2.3.5.015

... and 11 more

Published Oct 04, 2002

Tracked Since Feb 18, 2026