Re: Cisco Security Advisory: Cisco IOS HTTP Server Query Vulnerability

[Lisa Napier <lnapier () CISCO COM>]

At 04:45 PM 10/26/2000 -0500, Juan M. Courcoul wrote:
> "Cisco Systems Product Security Incident Response Team" wrote:
> >
> >                    Cisco IOS HTTP Server Query Vulnerability
> >
> > Revision 1.0
> >
> >   For public release 2000 October 25 at 08:00 US/Pacific (UTC+0700)
> >      _________________________________________________________________
> >
> > Summary
> >
> >    A defect in multiple releases of Cisco IOS software will cause a Cisco
> >    router or switch to halt and reload if the IOS HTTP service is
> >    enabled, browsing to "http://router-ip/anytext?/"; is attempted, and
> >    the enable password is supplied when requested. This defect can be
> >    exploited to produce a denial of service (DoS) attack.
> >
> ....snip....
> >
> >      * Catalyst 1900, 2800, 2900, 3000, and 5000 series LAN switches are
> >        not affected, except for some versions of the Catalyst 2900XL.
> >        However, optional router modules running Cisco IOS software in
> >        switch backplanes, such as the RSM module for the Catalyst 5000
> >        and 5500, are affected (see the Affected Products section above).
>
> Minor, field-tested, correction:
>
> A networking specialist working at one of our campuses has determined that
> Catalyst 2820 units with ATM interfaces are also vulnerable to this exploit,
> although the advisory implies that they are not.
>
> J. Courcoul
> ITESM

Thank you.

We are updating the advisory later today with updated version availability,
and correcting this error.

Thanks much,

Lisa Napier
Product Security Incident Response Team
Cisco Systems