There is a denial-of-service vulnerability in several Cisco switch and router products which allows an attacker to force affected devices to crash and reboot.
A vulnerability exists in multiple versions of Cisco's Internetworking Operating System (IOS) software which allows an attacker to force affected switches and routers to crash and reboot. If the IOS HTTP interface is enabled and presented with a request for "http://router-ip/anytext/%%", the software becomes trapped in a loop until a two-minute watchdog timer expires, causing the device to restart.
An attacker can force affected products to reboot, resulting in a denial-of-service while the device is restarting. In some situations, the device may not restart properly without manual intervention such as a power cycle.
Apply a patch from Cisco
Cisco has released an advisory to address this issue and has provided patches for affected versions of the IOS software. For further details, please consult the vendor section of this document.
Disable the HTTP management interface
The CERT/CC thanks Keith Woodworth for discovering this vulnerability and Cisco for the information contained in their advisory.
This document was written by Jeffrey P. Lanza.
|Date First Published:||2000-11-09|
|Date Last Updated:||2004-03-30 18:24 UTC|