CVE-2001-1064 - OpenCVE

Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Cbos

Configuration 1 [-]

OR	cpe:2.3:o:cisco:cbos::::::::
	cpe:2.3:o:cisco:cbos:2.0.1:::::::*
	cpe:2.3:o:cisco:cbos:2.1.0:::::::*
	cpe:2.3:o:cisco:cbos:2.1.0a:::::::*
	cpe:2.3:o:cisco:cbos:2.2.0:::::::*
	cpe:2.3:o:cisco:cbos:2.2.1:::::::*
	cpe:2.3:o:cisco:cbos:2.2.1a:::::::*
	cpe:2.3:o:cisco:cbos:2.3:::::::*
	cpe:2.3:o:cisco:cbos:2.3.2:::::::*
	cpe:2.3:o:cisco:cbos:2.3.5:::::::*
	cpe:2.3:o:cisco:cbos:2.3.7:::::::*
	cpe:2.3:o:cisco:cbos:2.3.8:::::::*
	cpe:2.3:o:cisco:cbos:2.3.9:::::::*
	cpe:2.3:o:cisco:cbos:2.4.1:::::::*
	cpe:2.3:o:cisco:cbos:2.4.2:::::::*

No data.

References

Link	Providers
http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml
http://www.securityfocus.com/bid/3236
https://exchange.xforce.ibmcloud.com/vulnerabilities/7025
https://exchange.xforce.ibmcloud.com/vulnerabilities/7026

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-02-02T05:00:00

Updated: 2024-08-08T04:44:07.047Z

Reserved: 2002-01-31T00:00:00

Link: CVE-2001-1064

Vulnrichment

No data.

NVD

Status : Modified

Published: 2001-08-31T04:00:00.000

Modified: 2017-12-19T02:29:32.067

Link: CVE-2001-1064

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2001-08-23T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-18T21:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "3236", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/3236"}, {"name": "cisco-cbos-telnet-dos(7025)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"}, {"name": "20010823 CBOS Web-based Configuration Utility Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"}, {"name": "cisco-cbos-http-dos(7026)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1064", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "3236", "refsource": "BID", "url": "http://www.securityfocus.com/bid/3236"}, {"name": "cisco-cbos-telnet-dos(7025)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"}, {"name": "20010823 CBOS Web-based Configuration Utility Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"}, {"name": "cisco-cbos-http-dos(7026)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T04:44:07.047Z"}, "title": "CVE Program Container", "references": [{"name": "3236", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/3236"}, {"name": "cisco-cbos-telnet-dos(7025)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"}, {"name": "20010823 CBOS Web-based Configuration Utility Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"}, {"name": "cisco-cbos-http-dos(7026)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1064", "datePublished": "2002-02-02T05:00:00", "dateReserved": "2002-01-31T00:00:00", "dateUpdated": "2024-08-08T04:44:07.047Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:cbos:*:*:*:*:*:*:*:*", "matchCriteriaId": "709494BE-334A-43C4-A10B-E3784093B2A0", "versionEndIncluding": "2.4.2ap", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8EE29F62-FF38-4951-B3CB-2B9102CB9291", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EEF0CEB-4CCF-46B1-99BC-8301CD422371", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "9A6E05A1-524C-441C-A4E2-F2E9DE62E82A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "3875EB7E-7D22-4C3D-80CD-A7E8A249E97F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFD36C73-8CAC-4DDB-8A64-11DAC075D300", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.2.1a:*:*:*:*:*:*:*", "matchCriteriaId": "EC7E0234-23B5-41D4-A8B5-04C5BB881F3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B2277233-E3EB-42F0-BB02-068E50A09265", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "59C80FB5-35CC-4FE2-8C98-A560B7D5C479", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "ADC81B47-C744-4776-BFB6-AA70D35A4140", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "CEFB61AC-25EE-46E4-9F34-70569EF74CFF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "4737C7E7-1E40-40F6-A6B3-4CE1465F4105", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "A18E9CCC-D8EB-4778-B444-14314651CA9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB7AF093-B5E2-4C4F-997B-5ECB5192A524", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:cbos:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E8FFFBE5-EE4C-4A10-8D94-015438A39C76", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets."}], "id": "CVE-2001-1064", "lastModified": "2017-12-19T02:29:32.067", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2001-08-31T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/warp/public/707/cisco-cbos-webserver-pub.shtml"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/3236"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7025"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7026"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}