List:       bugtraq
Subject:    Re: Cisco 675 Denial of Service Attack
From:       Nicholas Ianelli <xtreme () ERIE ! NET>
Date:       2000-11-30 20:00:30

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well, this exploit works on a Cisco 677 running CBOS 2.2.0.002. It
does not work when you specify the web server to only accept
connections from certain IPs. You could spoof them, but have fun
guessing the IP ;)

Nicholas Ianelli, Network Administrator
Stargate-Erie
www.erie.net
105 Poplar Street, Erie, PA 16507
814-456-2117 Ext. 7432 (v)
877-841-6689 (toll-free)
814-454-9660 (f)
nianelli@stargate.net



Title : Cisco 675 Web Administration Denial of Service
Device: Cisco 675 DSL Router
Class : Denial of Service (remote)

Vendor Notified: January 10th, 2000 (Yes folks, 11 months ago)


The Cisco 675 DSL routers with the Web Administration Interface
enabled can be crashed (hard) using a simple GET request. CBOS versions
2.0.x through 2.2.x have been found to be vulnerable. The new CBOS 2.3.x
has not been tested, but there are no notes in the 2.3.x changelogs to
indicate that they've fixed this problem. Affected 675s were configured
in PPP mode. The 'Web Administration Interface' is enabled by default in
CBOS revisions 2.0.x and 2.2.x.

The DSL adapters in this series include: Cisco 673, Cisco 675, Cisco
675e, Cisco 676, Cisco 677, and Cisco 678. This advisory applies
specifically to the 675 but other adapters in this series may have
similar problems and should be tested for vulnerability to this type of
attack. I would be interested in the results if someone has access to
and can test the other adapters in this series. The CBOS codebase is an
acquired OS and as such, has no relationship at all to the main Cisco
IOS codebase.


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOiayG46koUbxvfXQEQITxQCfYxQu+IHmAymPBDkRr0v8gq5Ve6kAoMLs
2G+jKLhv4w/GyS5kWHIkvSU3
=NUoo
-----END PGP SIGNATURE-----
