Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.10387
Category:Denial of Service
Title:cisco http DoS
Summary:NOSUMMARY
Description:Description:
It was possible to lock
the remote server (probably a Cisco router)
by doing the request :

GET /%% HTTP/1.0


You need to reboot it to make it work
again.

An attacker may use this flaw to crash this
host, thus preventing your network from
working properly.

Workaround : add the following rule
in your router :

no ip http server


Solution : contact CISCO for a fix
Risk factor : High

Cross-Ref: BugTraq ID: 1154
Common Vulnerability Exposure (CVE) ID: CVE-2000-0380
http://www.securityfocus.com/bid/1154
Bugtraq: 20000426 Cisco HTTP possible bug: (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html
Cisco Security Advisory: 20000514 Cisco IOS HTTP Server Vulnerability
http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml
http://www.osvdb.org/1302
XForce ISS Database: cisco-ios-http-dos
CopyrightThis script is Copyright (C) 2000 Renaud Deraison

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.