18 Cisco port tcp/7161 carriage return Denial of Service Network devices 2003/11/13 Marc Ruef marc dot ruef at computec dot ch http://www.computec.ch computec.ch Marc Ruef marc dot ruef at computec dot ch http://www.computec.ch computec.ch 2004/11/13 1.3 Corrected the plugin structure and added the accuracy values in 1.3. tcp 7161 open|sleep|send \n|sleep 5|close|open|sleep 10|close|icmp_alive open|sleep|send \n|sleep 5|close|open|sleep 10|close|icmp_alive 30 30 This plugin can cause a denial of service against the vulnerable target. Use the check with cause. Cisco Systems info at cisco dot com http://www.cisco.com Cisco routers Denial Of Service According to ID CSCdi74333 it is possible to crash a Cisco device connecting to port tcp/7161 and sending a carriage return. Filter incoming traffic on port tcp/7161 and upgrade your Cisco firmware. 30 minutes Yes http://www.securityfocus.com/bid/705/exploit/ Yes No High 6 7 8 7 High Nessus is able to do the same check. CVE-1999-0430 705 10046 Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 http://www.computec.ch