Vulnerability Note VU#245190
Cisco CatOS TCP ACK handling vulnerability
A vulnerability in Cisco CatOS may allow a remote attacker to cause a denial of service on an affected device.
Cisco's CatOS is an operating system that runs on some Cisco Catalyst switch products. A vulnerability in the way that TCP services on CatOS handle malformed connection attempts may allow a remote attacker to cause a denial of service on an affected device. According to the Cisco advisory on this issue:
A TCP-ACK DoS attack is conducted by not sending the regular final ACK required for a 3-way TCP handshake to complete, and instead sending an invalid response to move the connection to an invalid TCP state. This attack can be initiated from a remote spoofed source.
Cisco states that any of the supported externally-facing TCP services supported on CatOS, i.e.,Telnet, SSH, or HTTP, may be used to exploit this vulnerability.
A remote attacker may cause the affected devices to stop functioning and reload.
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco Systems Inc.||Affected||09 Jun 2004||09 Jun 2004|
CVSS Metrics (Learn More)
Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.
This document was written by Chad R Dougherty based on information provided by Cisco Systems.
- CVE IDs: CAN-2004-0551
- Date Public: 09 Jun 2004
- Date First Published: 15 Jun 2004
- Date Last Updated: 16 Jul 2004
- Severity Metric: 4.50
- Document Revision: 17
If you have feedback, comments, or additional information about this vulnerability, please send us email.