Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Apr 16, 2026
CVE-2004-1111
CVE-2004-1111
Description
Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size.
Affected products
17cpe:2.3:o:cisco:ios:12.2\(14\)sz:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:cisco:ios:12.2\(14\)sz:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(18\)ew:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(18\)ewa:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(18\)s:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(18\)se:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(18\)sv:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(18\)sw:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:12.2\(20\)ew:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:multiservice_platform_2650:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:multiservice_platform_2650xm:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:multiservice_platform_2651:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:multiservice_platform_2651xm:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:7200_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:7300_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:7500_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:7600_router:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:catalyst_7600:*:*:sup720_msfc3:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- www.kb.cert.org/vuls/id/630104nvdThird Party AdvisoryUS Government Resource
- www.us-cert.gov/cas/techalerts/TA04-316A.htmlnvdUS Government Resource
- www.ciac.org/ciac/bulletins/p-034.shtmlnvd
- www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/18021nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5632nvd
News mentions
0No linked articles in our index yet.