Cisco 7xx Series Routers Clickstart HTTP Server Remote Configuration Modification

1999-03-11T00:00:00
ID OSVDB:8895
Type osvdb
Reporter Dan Ingevaldson(sales@iss.net)
Modified 1999-03-11T00:00:00

Description

Vulnerability Description

By default, Cisco 7xx series routers install an HTTP server. The HTTP server has no password, a fact that is publicly known and documented. This allows attackers to trivially access the router remotely and modify its configuration without authentication.

Solution Description

Upgrade to version 4.3(1) or higher, which has been reported to fix this vulnerability. Alternatively, the flaw can be corrected with the following workaround: enter the 'set clickstart off' command into the configuration.

Short Description

By default, Cisco 7xx series routers install an HTTP server. The HTTP server has no password, a fact that is publicly known and documented. This allows attackers to trivially access the router remotely and modify its configuration without authentication.

References:

Vendor Specific Advisory URL
Packet Storm: http://packetstormsecurity.org/9903-exploits/cisco.7xx.tcp.http.txt
Other Advisory URL: http://www.iss.net/xforce/alerts/id/advise21
Keyword: Clickstart web server vulnerability
ISS X-Force ID: 1845
ISS X-Force ID: 1951
CVE-1999-0415
CIAC Advisory: j-034