Re: Cisco HTTP possible bug:

[jnduncan () CISCO COM (Jim Duncan)]

aleph1 () securityfocus com writes:
> Summary of responces in this thread:
>
> Model         IOS version     Confirmed
> -----         -----------     ----------
> C2924XL       -               No
> C2900X        11.2(8)SA1      No
> 7206          12.1(1a)T1      No
> 7206          12.0(9)S        Yes
> 5300          12.1(1.3)T      No
> 4000          11.0            No
> 3640          12.0(7)T        Yes
> 2621          12.0(5)T1       Yes
> 2514          11.2(17)        Yes
> 2501          12.0-4.T        Yes
> 2501          12.0(8)         Yes

Thanks.  This is helpful.

If it's not too much trouble, it would be particularly useful if we knew
the image names for each test, e.g., c7200-inu-mz.111-24, since that tells
us a lot more about the content of the image and the platforms it runs on.
The image name is available in the output of a "show ver" in enable mode,
and it would mean adding an extra column to your table.

For example, I'm very curious about the 7206 running 12.0(9)S and the 5300
running 12.1(1.3)T.  From inspecting the code, I believe they should be
vulnerable, *if* they're running the affected image.  But I can't tell
that for certain without the image name.

Thanks again.

        Jim


--
Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc.
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
E-mail: <jnduncan () cisco com>  Phone(Direct/FAX): +1 919 392 6209