CVE-2004-1111

Name of the Vulnerable Software and Affected Versions: Cisco IOS versions 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command

Description: The issue allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. This occurs because the affected Cisco IOS devices keep undeliverable DHCP packets in the queue instead of dropping them. Cisco IOS devices running branches of Cisco IOS version 12.2S with Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled are vulnerable to this denial of service.

Recommendations: For versions 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command: consider applying the "no service dhcp" command to mitigate the issue. For Cisco IOS devices running branches of Cisco IOS version 12.2S with Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled: update to a fixed software version provided by Cisco to address this issue. As a temporary workaround, consider disabling the DHCP server or relay agent until a patch is available.