Sign-up

ID

VAR-200212-0790


CVE

CVE-2002-2315


TITLE

Cisco IOS ICMP Redirect service denial vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200212-654

DESCRIPTION

Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. IOS is the Internet Operating System, used on Cisco routers. It is distributed and maintained by Cisco. This vulnerability has been assigned Cisco bug ID CSCdx32056. The following products are known to be affected: Cisco 1005 running IOS 11.0(18) Cisco 1603 running IOS 11.3(11b) Cisco 1603 running IOS 12.0(3) Cisco 2503 running IOS 11.0(22a) Cisco 2503 running IOS 11.1(24a). Cisco IOS 11.2.x and 12.0.x do not limit the size of the redirection table

Trust: 1.26

sources: NVD: CVE-2002-2315 // BID: 4786 // VULHUB: VHN-6698

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:11.3

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:11.0

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:11.1

Trust: 1.6

vendor:ciscomodel:iosscope:eqversion:12.0(3)

Trust: 0.3

vendor:ciscomodel:ios 11.3scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 11.1scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 11.0scope: - version: -

Trust: 0.3

vendor:ciscomodel:iosscope:eqversion:11.0(18)

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.2(5)

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.1(11)

Trust: 0.3

vendor:ciscomodel:iosscope:neversion:12.0(9)

Trust: 0.3

vendor:ciscomodel:ios 11.2scope:neversion: -

Trust: 0.3

sources: BID: 4786 // CNNVD: CNNVD-200212-654 // NVD: CVE-2002-2315

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-2315
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200212-654
value: HIGH

Trust: 0.6

VULHUB: VHN-6698
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2002-2315
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-6698
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-6698 // CNNVD: CNNVD-200212-654 // NVD: CVE-2002-2315

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-2315

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-654

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200212-654

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-6698

EXTERNAL IDS
db:BIDid:4786
Trust: 2.0
db:NVDid:CVE-2002-2315
Trust: 1.7
db:CNNVDid:CNNVD-200212-654
Trust: 0.7
db:BUGTRAQid:20020521 CISCO IOS ICMP REDIRECT DOS
Trust: 0.6
db:BUGTRAQid:20020521 CISCO IOS ICMP REDIRECT DOS - CISCO'S RESPONSE
Trust: 0.6
db:XFid:9129
Trust: 0.6
db:SEEBUGid:SSVID-75291
Trust: 0.1
db:EXPLOIT-DBid:21465
Trust: 0.1
db:VULHUBid:VHN-6698
Trust: 0.1
sources:
            
            
            VULHUB: VHN-6698 // 
            
            
            
            BID: 4786 // 
            
            
            
            CNNVD: CNNVD-200212-654 // 
            
            
            
            NVD: CVE-2002-2315

REFERENCES
url:http://www.securityfocus.com/bid/4786
Trust: 1.7
url:http://online.securityfocus.com/archive/1/273421
Trust: 1.7
url:http://online.securityfocus.com/archive/1/273488
Trust: 1.7
url:http://www.iss.net/security_center/static/9129.php
Trust: 1.7
sources:
            
            
            VULHUB: VHN-6698 // 
            
            
            
            CNNVD: CNNVD-200212-654 // 
            
            
            
            NVD: CVE-2002-2315

CREDITS
Discovery of this issue is credited to FX <fx@phenoelit.de>.
Trust: 0.9
sources:
            
            
            BID: 4786 // 
            
            
            
            CNNVD: CNNVD-200212-654

SOURCES
db:VULHUBid:VHN-6698
db:BIDid:4786
db:CNNVDid:CNNVD-200212-654
db:NVDid:CVE-2002-2315

LAST UPDATE DATE
2025-04-03T22:26:20.451000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-6698date:2008-09-05T00:00:00
db:BIDid:4786date:2002-05-21T00:00:00
db:CNNVDid:CNNVD-200212-654date:2002-12-31T00:00:00
db:NVDid:CVE-2002-2315date:2025-04-03T01:03:51.193

SOURCES RELEASE DATE
db:VULHUBid:VHN-6698date:2002-12-31T00:00:00
db:BIDid:4786date:2002-05-21T00:00:00
db:CNNVDid:CNNVD-200212-654date:2002-12-31T00:00:00
db:NVDid:CVE-2002-2315date:2002-12-31T05:00:00