Cisco IOS HTTP Service GET Request Remote DoS

This script is Copyright (C) 2000-2015 Tenable Network Security, Inc.

Synopsis :

The remote router has a denial of service vulnerability.

Description :

The remote host appears to be a Cisco router. It was possible to lock
this device by sending the following request :

GET /%% HTTP/1.0

You need to reboot it to make it work again.

A remote attacker may use this flaw to disrupt the network.

See also :

Solution :

Upgrade to the latest version of IOS, or disable the web server by
issuing the following command on the router:

no ip http server

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 7.4
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 10387 (cisco_http_dos.nasl)

Bugtraq ID: 1154

CVE ID: CVE-2000-0380