VAR-200212-0120
Vulnerability from variot - Updated: 2025-04-03 22:30The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. IOS is the Internet Operating System, used on Cisco routers. It is distributed and maintained by Cisco. Hot Standby Routing Protocol (HSRP) is a protocol used to allow multiple routers to dynamically act as backups in the event of router failure. HSRP traffic takes place over UDP port 1985. A vulnerability has been reported in some versions of IOS. It may be possible for maliciously constructed HSRP traffic to create a loop condition, resulting in a denial of service attack. It has been reported possible to cause this condition in version 12.1 of IOS. Other versions of IOS may share this vulnerability, this has not however been confirmed. This issue has been assigned Cisco Bug ID CSCdu38323. CISCO's HSRP protocol itself has design problems, which can lead to denial of service attacks by attackers on the local network. The HSRP protocol does not have a strict security verification mechanism, and the router communication on the network is not checked correctly. The attacker can set the loop interface address on the active router. When the virtual router is advertised through the HSRP protocol, the loop interface is directly used. resulting in a denial of service. This attack can only work on the local network because most routers do not forward the address (224.0.0.2) that is multicast to all routers
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0120",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "12.1"
}
],
"sources": [
{
"db": "BID",
"id": "4949"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrew Vladimirov\u203b andrew@arhont.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2053",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2053",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-6436",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2053",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-274",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6436",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6436"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. IOS is the Internet Operating System, used on Cisco routers. It is distributed and maintained by Cisco. Hot Standby Routing Protocol (HSRP) is a protocol used to allow multiple routers to dynamically act as backups in the event of router failure. HSRP traffic takes place over UDP port 1985. \nA vulnerability has been reported in some versions of IOS. It may be possible for maliciously constructed HSRP traffic to create a loop condition, resulting in a denial of service attack. \nIt has been reported possible to cause this condition in version 12.1 of IOS. Other versions of IOS may share this vulnerability, this has not however been confirmed. This issue has been assigned Cisco Bug ID CSCdu38323. CISCO\u0027s HSRP protocol itself has design problems, which can lead to denial of service attacks by attackers on the local network. The HSRP protocol does not have a strict security verification mechanism, and the router communication on the network is not checked correctly. The attacker can set the loop interface address on the active router. When the virtual router is advertised through the HSRP protocol, the loop interface is directly used. resulting in a denial of service. This attack can only work on the local network because most routers do not forward the address (224.0.0.2) that is multicast to all routers",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2053"
},
{
"db": "BID",
"id": "4949"
},
{
"db": "VULHUB",
"id": "VHN-6436"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4949",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2053",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274",
"trust": 0.7
},
{
"db": "XF",
"id": "9283",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020605 THREE POSSIBLE DOS ATTACKS AGAINST SOME IOS VERSIONS.",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20020606 RE: THREE POSSIBLE DOS ATTACKS AGAINST SOME IOS VERSIONS.",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "2956",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6436",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6436"
},
{
"db": "BID",
"id": "4949"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"id": "VAR-200212-0120",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6436"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:30:54.560000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4949"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0027.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0050.html"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9283.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/2956"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6436"
},
{
"db": "BID",
"id": "4949"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6436"
},
{
"db": "BID",
"id": "4949"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6436"
},
{
"date": "2002-06-05T00:00:00",
"db": "BID",
"id": "4949"
},
{
"date": "2002-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6436"
},
{
"date": "2002-06-05T00:00:00",
"db": "BID",
"id": "4949"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-274"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2053"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco counterfeit HSRP Loop Rejection Service Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "4949"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-274"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…