Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.

BID:4813 | URL:http://www.securityfocus.com/bid/4813 | BID:4814 | URL:http://www.securityfocus.com/bid/4814 | BID:4815 | URL:http://www.securityfocus.com/bid/4815 | CISCO:20020523 CBOS - Improving Resilience to Denial-of-Service Attacks | URL:http://www.cisco.com/warp/public/707/CBOS-DoS.shtml | XF:cisco-cbos-dhcp-dos(9151) | URL:http://www.iss.net/security_center/static/9151.php | XF:cisco-cbos-tcpip-dos(9153) | URL:http://www.iss.net/security_center/static/9153.php | XF:cisco-cbos-telnet-cpe-dos(9152) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/9152