Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2841Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco IOS

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources
Severity
7.5HIGHNVD
EPSS
33.9%
top 3.03%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Cisco IOSCisco IOS Firewall
Timeline
PublishedSep 8
Latest updateMay 1

Description

Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDcisco/ios6 versions+5

🔴Vulnerability Details

1
GHSA
GHSA-gw7g-cgfh-x45p: Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 122022-05-01

💥Exploits & PoCs

1
Exploit-DB
Cisco IOS 12.x - Firewall Authentication Proxy Buffer Overflow2005-09-07

📋Vendor Advisories

2
Cisco
Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow2005-09-07
Cisco
Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow
CVE-2005-2841 — Cisco IOS vulnerability | cvebase