Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Unpatched flaw in cisco IOS

Unpatched flaw in cisco IOS 12 years 8 months ago #11952

  • ping
  • ping's Avatar Topic Author
  • Offline
  • Distinguished Member
  • Distinguished Member
  • Posts: 181
  • Thank you received: 0
A recent advisory from Cisco details an unpatched flaw in its IOS HTTP server.

The flaw could allow execution of malicious code against the device, or other cross-site scripting attacks depending on conditions. A proof of concept exploit has been created which attempts to reset the password on affected devices.

The vulnerability and above mentioned exploit were originally posted to BugTraq on November 28.


Although a patch is not currently availableCisco has provided several workarounds on the advisory page for the interim.

Info can be found http://www.securityfocus.com/brief/70

Workaround found http://www.cisco.com/warp/public/707/cisco-sa-20051201-http.shtml

Bugtraq Posting from November found here http://www.securityfocus.com/archive/1/417916
More information can be found on the page of poc.


Cheers.. :D

~Pranav

Re: Unpatched flaw in cisco IOS 12 years 8 months ago #11960

  • jwj
  • jwj's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 350
  • Thank you received: 0
If you're running http server on a Cisco router...you're just asking for trouble anyways. :wink:

Re: Unpatched flaw in cisco IOS 12 years 8 months ago #11978

  • jhun
  • jhun's Avatar
  • Offline
  • Senior Member
  • Senior Member
  • Posts: 356
  • Thank you received: 0
well there seems to be more vulnerabilities found on cisco lately.

:roll:
  • Page:
  • 1
Time to create page: 0.146 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup