Cisco IOS Software TELNET Option Handling Vulnerability

Certain versions of Cisco's IOS software have a vulnerability in the Telnet Environment handling code. In particular if a certain option (ENVIRON) is passed to the Cisco IOS Telnet Daemon it will cause IOS to reload itself thereby rebooting the device it is bootstrapped on. This attack can be launched repeatedly thereby effecting a Denial of Service attack.


 

Privacy Statement
Copyright 2010, SecurityFocus