Vulnerabilities > CVE-2001-0861 - Unspecified vulnerability in Cisco 12000 Router
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cisco
nessus
Summary
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
Nessus
NASL family CISCO NASL id CISCO-SA-20011114-GSR-UNREACHABLEHTTP.NASL description The performance of Cisco 12000 series routers can be degraded when they have to send a large number of ICMP unreachable packets. This situation usually can occur during heavy network scanning. This vulnerability is tracked by three different bug IDs: CSCdr46528 ( registered customers only) , CSCdt66560 ( registered customers only) , and CSCds36541 ( registered customers only) . Each bug ID is assigned to a different Engine the line card is based upon. The rest of the Cisco routers and switches are not affected by this vulnerability. It is specific for Cisco 12000 Series. No other Cisco product is vulnerable. The workaround is to either prevent the router from sending unreachable Internet Control Message Protocol (ICMPs) at all or to rate limit them. last seen 2019-10-28 modified 2010-09-01 plugin id 48960 published 2010-09-01 reporter This script is (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48960 title ICMP Unreachable Vulnerability in Cisco 12000 Series Internet Router - Cisco Systems NASL family CISCO NASL id CISCO_GSR_UNREACHABLE.NASL description The remote device appears to be a Cisco 12000 Series router. According to its version number, it is vulnerable to a denial of service issue. Forcing it to send a large number of ICMP unreachable packets can slow down throughput. A remote attacker could use this to degrade the performance of the network. last seen 2020-06-01 modified 2020-06-02 plugin id 10971 published 2002-06-05 reporter This script is (C) 2002-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/10971 title Cisco 12000 Series Router ICMP Unreachable DoS
References
- http://www.ciac.org/ciac/bulletins/m-018.shtml
- http://www.ciac.org/ciac/bulletins/m-018.shtml
- http://www.cisco.com/warp/public/707/GSR-unreachables-pub.shtml
- http://www.cisco.com/warp/public/707/GSR-unreachables-pub.shtml
- http://www.osvdb.org/794
- http://www.osvdb.org/794
- http://www.securityfocus.com/bid/3534
- http://www.securityfocus.com/bid/3534
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7536
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7536