| VID |
29042 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco CatOS has an embedded HTTP server buffer overflow vulnerability(CISCO bug ID CSCdy26428).
The exploitation of this issue can result in a software forced reset of this device. Repeated exploitation may lead to a denial of service until the workaround for this vulnerability has been implemented or a fixed version of software has been loaded onto the device.
If the HTTP server is enabled on a Cisco Catalyst switch running an affected CiscoView image, by sending an overly long HTTP query, a remote attacker can cause a buffer overflow and result in a software reset of the switch.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. This check also requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/catos-http-overflow-vuln.shtml
* Platforms Affected:
Cisco CatOS software versions 5.4 through 7.3 that contain an embedded HTTP server |
| Recommendation |
Upgrade to the latest version of Cisco CatOS (5.5(17) or 6.3(9) or 7.4(1) and later), as listed in Cisco Security Advisory, http://www.cisco.com/warp/public/707/catos-http-overflow-vuln.shtml .
Upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com/public/sw-center/sw-lan.shtml .
As a workaround, disable the HTTP server on the Cisco switch. For example:
Router(config)# set ip http server disable |
| Related URL |
CVE-2002-1222 (CVE) |
| Related URL |
5976 (SecurityFocus) |
| Related URL |
10382 (ISS) |
|
