DOS: CISCO Catalyst 5000
This signature detects attempts to exploit a known software vulnerability in Cisco Catalyst LAN switches. Versions prior to Cisco Catalyst 12xx supervisor 4.30, 29xx supervisor 2.1.6, and 5xxx supervisor 2.1.6 are susceptible. Attackers can remotely connect to TCP/7161 and reload the switch supervisor module, causing a denial-of-service (DoS).
Extended Description
This desciprion was taken from the Cisco advisory. A remote attacker who knows how to exploit this vulnerability, and who can make a connection to TCP port 7161 on an affected switch, can cause the supervisor module of that switch to reload. While the supervisor is reloading, the switch will not forward traffic, and the attack will therefore deny service to the equipment attached to the switch. The switch will recover automatically, but repeated attacks can extend the denial of service indefinitely.
Affected Products
Cisco catalyst_5xxx_supervisor_software
Short Name
DOS:NETDEV:CISCO-5000
Severity
Major
Recommended
False
Recommended Action
None
Category
DOS
Keywords
5000 CISCO CVE-1999-0430 Catalyst bid:0705
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/7161
False Positive
Frequently
Vendors
Cisco
CVSS Score
5.0