Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1111


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1111
Last Modified 04 Mar 2009 12:23:50
Published 10 Jan 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.

Vulnerable Systems

Operating System

  • Cisco Ios 12.2%2814%29sz

  • Cisco Ios 12.2%2818%29ew

  • Cisco Ios 12.2%2818%29ewa

  • Cisco Ios 12.2%2818%29s

  • Cisco Ios 12.2%2818%29se

  • Cisco Ios 12.2%2818%29sv

  • Cisco Ios 12.2%2818%29sw

  • Cisco Ios 12.2%2820%29ew


CERT-VN - VU#630104

CERT - TA04-316A

XF - cisco-ios-dhcp-dos(18021)

CISCO - 20041110 Cisco Security Advisory: Cisco IOS DHCP Blocked Interface Denial-of-Service

CIAC - P-034

Last Updated: 27 May 2016 10:38:54