Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cbos | Cisco | 2.0.1 (including) | 2.0.1 (including) |
| Cbos | Cisco | 2.1.0 (including) | 2.1.0 (including) |
| Cbos | Cisco | 2.1.0a (including) | 2.1.0a (including) |
| Cbos | Cisco | 2.2.0 (including) | 2.2.0 (including) |
| Cbos | Cisco | 2.2.1 (including) | 2.2.1 (including) |
| Cbos | Cisco | 2.2.1a (including) | 2.2.1a (including) |
| Cbos | Cisco | 2.3 (including) | 2.3 (including) |
| Cbos | Cisco | 2.3.2 (including) | 2.3.2 (including) |
| Cbos | Cisco | 2.3.5 (including) | 2.3.5 (including) |
| Cbos | Cisco | 2.3.5.015 (including) | 2.3.5.015 (including) |
| Cbos | Cisco | 2.3.7 (including) | 2.3.7 (including) |
| Cbos | Cisco | 2.3.7.002 (including) | 2.3.7.002 (including) |
| Cbos | Cisco | 2.3.8 (including) | 2.3.8 (including) |
| Cbos | Cisco | 2.3.9 (including) | 2.3.9 (including) |
| Cbos | Cisco | 2.3_.053 (including) | 2.3_.053 (including) |
| Cbos | Cisco | 2.4.1 (including) | 2.4.1 (including) |
| Cbos | Cisco | 2.4.2 (including) | 2.4.2 (including) |
| Cbos | Cisco | 2.4.2ap (including) | 2.4.2ap (including) |
| Cbos | Cisco | 2.4.2b (including) | 2.4.2b (including) |
| Cbos | Cisco | 2.4.3 (including) | 2.4.3 (including) |
| Cbos | Cisco | 2.4.4 (including) | 2.4.4 (including) |