CVE-2004-1111 Information

Description

Cisco IOS 2.2(18)EW 12.2(18)EWA 12.2(14)SZ 12.2(18)S 12.2(18)SE 12.2(18)SV 12.2(18)SW and other versions without the \no service dhcp\ command keep undeliverable DHCP packets in the queue instead of dropping them which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Reference

http://www.ciac.org/ciac/bulletins/p-034.shtml http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml http://www.kb.cert.org/vuls/id/630104 http://www.us-cert.gov/cas/techalerts/TA04-316A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18021 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5632