Cisco Catalyst Switches Embeded HTTP Server Long HTTP Request DoS (CSCdy26428)

This script is (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote switch is vulnerable to a buffer overflow
in its embedded HTTP server. An attacker may use this
flaw to make your switch reboot continuously, resulting
in a denial of service.

This vulnerability is documented with the CISCO
bug ID CSCdy26428.

Solution :

http://www.nessus.org/u?9ddf57aa

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 11285 (CSCdy26428.nasl)

Bugtraq ID: 5976

CVE ID: CVE-2002-1222