https://www.exploit-db.com/exploits/21971
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200212-298

CiscoAS5350通用网关是一款CISCO开发的设计用于语音的网关。CiscoAS5350通用网关在接收到大范围端口扫描时存在问题，远程攻击者可以利用这个漏洞进行拒绝服务攻击。攻击者可以使用Nmap扫描程序，对CiscoAS5350通用网关的1-65535的端口进行扫描，可导致系统挂起，需要重新启动设备获得正常功能。不过对于这个问题有多种不同看法，有的认为如果没有访问控制(ACL)采用在设备上就不会存在这个问题，有的认为这个应该是已发布的SSH漏洞，也有认为这个问题相关于配置不当。

source: http://www.securityfocus.com/bid/6059/info

The Cisco AS5350 Universal Gateway is reported to be prone to a denial of service condition. It is possible to cause this condition by portscanning a vulnerable device.

This issue was reported for Cisco AS5350 devices running Cisco IOS release 12.2(11)T. Other firmware and devices may also be affected.

There are conflicting reports regarding the existence of this vulnerability. One source states that this condition reportedly does not occur if there are no Access Control Lists (ACL) applied on the device and also mentions that this may be related to a known SSH bug. Other sources have indicated that the issue may be related to a configuration problem. 

nmap -Tinsane -p 1-65535 <target>

来源:BID
名称:6059
链接:http://www.securityfocus.com/bid/6059
来源:XF
名称:cisco-as5350-portscan-dos(10522)
链接:http://www.iss.net/security_center/static/10522.php
来源:CISCO
名称:20021029ResponsetoBugTraq-CiscoAS5350CrasheswithnmapConnectScan
链接:http://www.cisco.com/en/US/products/hw/univgate/ps501/products_security_notice09186a008024dba2.html
来源:BUGTRAQ
名称:20021029Re:CISCOas5350crasheswithnmapconnectscan
链接:http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00420.html
来源:BUGTRAQ
名称:20021029Re:CISCOas5350crasheswithnmapconnectscan
链接:http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00413.html
来源:BUGTRAQ
名称:20021029Re:CISCOas5350crasheswithnmapconnectscan
链接:http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00411.html
来源:BUGTRAQ
名称:20021028CISCOas5350crasheswithnmapconnectscan
链接:http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00397.html
来源：NSFOCUS
名称：3747
链接：http://www.nsfocus.net/vulndb/3747