Cisco 11500 Content Services Switch HTTP Compression DoS

2006-04-05T15:00:00
ID OSVDB:24433
Type osvdb
Reporter OSVDB
Modified 2006-04-05T15:00:00

Description

Vulnerability Description

Cisco 11500 series Content Services Switches contain a flaw that may allow a remote denial of service. The issue is triggered when either a "valid, but obsolete" or a "specially crafted" HTTP request is received, and results in loss of availability for the service. The flaw is only exploitable when HTTP compression is enabled, but it is not clear what role compression plays in exploitation of the flaw.

Solution Description

Upgrade to version 8.10.1.6 or higher, which has been reported to fix this vulnerability. It is also possible to work around the flaw by disabling HTTP compression.

References:

Security Tracker: 1015870
Secunia Advisory ID: 19552
Other Advisory URL: http://www.cisco.com/warp/public/707/cisco-sa-20060405-css.shtml
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-04/0114.html
Keyword: CSCek24160
ISS X-Force ID: 25642
CVE-2006-1631
Bugtraq ID: 17383