CVE-2004-1464
CVE-2004-1464
In short
A flaw in Cisco IOS allows attackers to block legitimate users from connecting to network devices via Telnet by sending specially crafted network packets. This prevents administrators from managing the device remotely.
Technical detail
A resource exhaustion vulnerability in Cisco IOS 12.2(15) and earlier fails to properly handle malformed TCP connections to Telnet ports, causing VTY (virtual terminal) connection refusal. Remote unauthenticated attackers can trigger a denial of service condition affecting device management accessibility.
Summary generated and translated by AI from the official description.
Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/12395/http://securitytracker.com/id?1011079https://exchange.xforce.ibmcloud.com/vulnerabilities/17131https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2004-1464http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtmlhttp://www.kb.cert.org/vuls/id/384230http://www.securityfocus.com/bid/11060