1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Cisco CBOS Telnet DoS

Cisco CBOS Telnet DoS

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a vulnerability in the Cisco Operating System (CBOS).

Additional Information

CBOS (Cisco Broadband Operating System) is the operating system for Cisco 600 series routers.

A denial of service vulnerability exists in CBOS software 2.4.4 and prior.

The vulnerability results when an unusually large packet is sent to the telnet port of a Cisco 6000 series router. Remote users could exploit this issue to deny service to legitimate users of the router until it has been restarted.

It should be noted that telnet is enabled by default.

The following devices in the Cisco 600 series of routers are affected by this issue:

605, 626, 627, 633, 673, 675, 675e, 676, 677, 677i and 678.

This vulnerability has been assigned Cisco Bug ID CSCdv50135.

Affected

  • Cisco CBOS 2.0.1, 2.1, 2.1 a, 2.2, 2.2.1, 2.2.1 a, 2.3, 2.3.053, 2.3.2, 2.3.5, 2.3.5.015, 2.3.7, 2.3.7.002, 2.3.8, 2.3.9, 2.4.1, 2.4.2, 2.4.2 ap, 2.4.2 b, 2.4.3, 2.4.4

Response

Workaround:

Disable telnet access using the following commands:

cbos# set telnet disable
cbos# write

Solution:

Cisco has addressed this issue in CBOS version 2.4.5.
Cisco CBOS2.1.0:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.1.0a:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.2.0:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.2.1:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.2.1a:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.2:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.5:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.5.015:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.7:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.7.002:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.8:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS2.3.9:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.0.1:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.3:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.3.053:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.4.1:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.4.2:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.4.2ap:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.4.2b:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.4.3:
Cisco Upgrade CBOS 2.4.5

Cisco CBOS 2.4.4:
Cisco Upgrade CBOS 2.4.5
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube