Cisco CBOS Telnet存在拒绝服务攻击漏洞发布时间:2002-05-28 更新时间:2002-05-28 严重程度:中 威胁程度:远程拒绝服务 错误类型:意外情况处置错误 利用方式:服务器模式 BUGTRAQ ID:4814 受影响系统 Cisco CBOS 2.3.9详细描述 CBOS (Cisco Broadband Operating System)是CISCO 600路由器的操作系统。 其中发送超大值的包给telnet端口可导致CPE (Customer Premises Equipment)停止响应。 下面的CISCO 600系列路由器存在漏洞: 605, 626, 627, 633, 673, 675, 675e, 676, 677, 677i 和 678. 漏洞编码为Cisco Bug ID CSCdv50135. 测试代码 尚无 解决方案 关闭telnet服务: cbos# set telnet disable cbos# write 升级程序: Cisco CBOS 2.3.9: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3.8: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3.7.002: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3.7: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3.5.015: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3.5: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3.2: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.2.1a: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.2.1: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.2.0: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.1.0a: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.1.0: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.0.1: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3 .053: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.3: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.4.1: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.4.2 b: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.4.2 ap: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.4.2: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.4.3: Cisco Upgrade CBOS 2.4.5 Cisco CBOS 2.4.4: Cisco Upgrade CBOS 2.4.5 相关信息 Knud Erik H?jgaard from Cybercity, Denmark. 参考:http://online.securityfocus.com/advisories/4147 相关主页:http://www.cisco.com/ |
