Release DateJan 05, 2012 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a Remote Command Execution vulnerability in Cisco IOS device administration.There exists a vulnerability in Cisco IOS devices that can be exploited by sending a carefully-constructed URL. By doing this a remote attacker can execute arbitrary commands when the HTTP server is enabled and local authorization is used. |
Affected ProductsAny Cisco IOS 11.3 to 12.2 (except 10.3, 11.0, 11.1, and 11.2) using local authentication databases, with the HTTP server enabled, is vulnerable to the attack. |
Recommended ActionsUpgrade IOS to non-vulnerable releases.Disable the HTTP server. Enable TACACS+ or radius authentication. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2000-0984CVE-2001-0537 |
Reference/shttp://www.cert.org/advisories/CA-2001-14.htmlhttp://www.securityfocus.com/bid/2936 (BugTraq) http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html |
