The Cisco IOS HTTP Server contains a vulnerability that may permit a remote attacker to execute arbitrary code on the system.
Cisco IOS ships with an HTTP Server. A buffer overflow vulnerability exists in the HTTP Server and may be exploited if a remote attacker sends a crafted HTTP request larger than 2GB in size. The HTTP server is not enabled by default on the majority of IOS platforms. This vulnerability is only exploitable if the HTTP Server is enabled. According to the Cisco documentation regarding this issue, all Cisco IOS software versions except 12.3 and 12.3T are affected, CatOS and PIX are not affected. Cisco has also issued an alert regarding this issue. An exploit for this vulnerability has been posted publicly.
An attacker can cause the router to reboot, and potentially execute arbitrary code on the router. Repeatedly rebooting the router will result in a denial-of-service situation.
Cisco has released a document to address this issue. According to the Cisco documentation regarding this issue, 12.3 and 12.3T-based images are not vulnerable.
According to the Cisco documentation:
The workaround is to configure access lists to explicitly permit authorized hosts or networks to the http service.
The syntax for this command for routers and switches running Cisco IOS software is:
**ip http access-class <access-list number> **
access-list <access-list number> permit host <authorized host #1>
access-list <access-list number> permit host <authorized host #2>
…
access-list <access-list number> deny any
The <access-list number> in the above example needs to be in the range of 1-99 or 1300-1399 (IP Standard access list range).
579324
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: July 31, 2003
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please see <http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00801a97e1.shtml>
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23579324 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was reported to Cisco by FX of Phenoelit.
This document was written by Jason A Rafail.
CVE IDs: | None |
---|---|
Severity Metric: | 15.82 Date Public: |