|
Vulnerability Development
mailing list archives
Re: Code red II crashes cisco 678
From: brian_carpio () csgsystems com
Date: Mon, 6 Aug 2001 12:15:52 -0600 (MDT)
Seems that the problem also occurs on Cisco 675 even if the web interface
is dissabled.. the way I fixes this was to deny all trafic DIRECTLY to the
routers IP and wan0-0 interface this still allows the boxes behind the
router to be accessable from the internet (for instance if you have a web
server etc..) but the code red will not crash the router any more.
I was told that all I needed to do was dissable the web interface on the
router and i was fine in my case that seemed to be incorrect..
--------------
Brian Carpio
CSG Systems Inc.
Open Systems Unix System Admin
x3317
--------------
--- Security is a Process NOT a Product ----
On Mon, 6 Aug 2001, Blue Boar wrote:
We've got reported crashes for Cisco DSL router, HP JetDirect
print servers, Xylan Omniswitch, and 3com CoreBuilder 3500, all from
Code Red(s).
Note to Code Red authors: Umm... that's some impressive random noise
web server testing there guys...
Anyway, has anyone explored whether these crashes are exploitable
beyond DoS?
BB
 By Date 
By Thread
Current thread:
- Re: Code red II crashes cisco 678, (continued)
|
Intro
