[17383] in bugtraq
Re: Cisco Security Advisory: Cisco IOS HTTP Server Query
daemon@ATHENA.MIT.EDU (Juan M. Courcoul)
Thu Oct 26 21:41:12 2000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <39F8A610.60B5DD7A@campus.qro.itesm.mx>
Date: Thu, 26 Oct 2000 16:45:52 -0500
Reply-To: courcoul@campus.qro.itesm.mx
From: "Juan M. Courcoul" <courcoul@campus.qro.itesm.mx>
To: BUGTRAQ@SECURITYFOCUS.COM
"Cisco Systems Product Security Incident Response Team" wrote:
>
> Cisco IOS HTTP Server Query Vulnerability
>
> Revision 1.0
>
> For public release 2000 October 25 at 08:00 US/Pacific (UTC+0700)
> _________________________________________________________________
>
> Summary
>
> A defect in multiple releases of Cisco IOS software will cause a Cisco
> router or switch to halt and reload if the IOS HTTP service is
> enabled, browsing to "http://router-ip/anytext?/" is attempted, and
> the enable password is supplied when requested. This defect can be
> exploited to produce a denial of service (DoS) attack.
>
....snip....
>
> * Catalyst 1900, 2800, 2900, 3000, and 5000 series LAN switches are
> not affected, except for some versions of the Catalyst 2900XL.
> However, optional router modules running Cisco IOS software in
> switch backplanes, such as the RSM module for the Catalyst 5000
> and 5500, are affected (see the Affected Products section above).
Minor, field-tested, correction:
A networking specialist working at one of our campuses has determined that
Catalyst 2820 units with ATM interfaces are also vulnerable to this exploit,
although the advisory implies that they are not.
J. Courcoul
ITESM
