[14723] in bugtraq

Re: Cisco HTTP possible bug:

daemon@ATHENA.MIT.EDU (Jim Duncan)
Sun Apr 30 23:21:56 2000

Message-Id:  <200004282142.RAA06856@rtp-msg-core-1.cisco.com>
Date:         Fri, 28 Apr 2000 17:42:34 -0400
Reply-To: psirt@cisco.com
From: Jim Duncan <jnduncan@CISCO.COM>
X-To:         aleph1@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  Message from aleph1@securityfocus.com of "Fri, 28 Apr 2000
              13:29:50 PDT." <20000428132950.D20874@securityfocus.com>

aleph1@securityfocus.com writes:
> Summary of responses in this thread:
>
> Model		IOS version	Confirmed
> -----		-----------	----------
> C2924XL	-		No
> C2900X	11.2(8)SA1	No
> 7206 		12.1(1a)T1	No
> 7206		12.0(9)S	Yes
> 5300		12.1(1.3)T 	No
> 4000		11.0		No
> 3640		12.0(7)T	Yes
> 2621		12.0(5)T1	Yes
> 2514		11.2(17)	Yes
> 2501		12.0-4.T	Yes
> 2501		12.0(8)		Yes

Thanks.  This is helpful.

If it's not too much trouble, it would be particularly useful if we knew
the image names for each test, e.g., c7200-inu-mz.111-24, since that tells
us a lot more about the content of the image and the platforms it runs on.
The image name is available in the output of a "show ver" in enable mode,
and it would mean adding an extra column to your table.

For example, I'm very curious about the 7206 running 12.0(9)S and the 5300
running 12.1(1.3)T.  From inspecting the code, I believe they should be
vulnerable, *if* they're running the affected image.  But I can't tell
that for certain without the image name.

Thanks again.

	Jim


--
Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc.
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
E-mail: <jnduncan@cisco.com>  Phone(Direct/FAX): +1 919 392 6209
