Vulnerability Development mailing list archives

Re: Code red II crashes cisco 678


From: leE <lee () nerds org uk>
Date: Mon, 6 Aug 2001 10:19:19 +0100 (BST)

On Sun, 5 Aug 2001, Geo. wrote:

> All day I've had customers calling with Cisco 678 routers running CBOS 2.4.2
> with the web interface disabled. Seems their routers have been crashing.
>
> We traced this back to the Code Red worm. For some reason even with web
> disabled on these routers port 80 remains open. Simply running a port scan
> and cutting off the connection is enough to crash the router. Locks up
> solid.
>
> I also found a solution, by doing a
>
> set web remote ipaddress
>
> where ipaddress is one of their internal IPs you can prevent outside
> addresses from being able to crash the router.
>
> Just a heads up guys, if you are seeing 678s crashing, give it a try, it's
> working here.
>
> Geo.

Has anyone tried to replicate this on other Ciscos at all?  I ask because
I guess it's entirely likely that chunks of IOS code are the same for
other routers.

 Lee

-- 
Lee Brotherston - <lee () nerds org uk>
http://www.nerds.org.uk

