Cisco IOS HTTP Service GET Request Remote DoS

high Nessus Plugin ID 10387

Synopsis

The remote router has a denial of service vulnerability.

Description

The remote host appears to be a Cisco router. It was possible to lock this device by sending the following request:

GET /%% HTTP/1.0

The device must be rebooted to make it work again.

A remote attacker may use this flaw to disrupt the network.

Solution

Upgrade to the latest version of IOS, or disable the web server by issuing the following command on the router:

no ip http server

See Also

https://seclists.org/bugtraq/2000/Apr/235

http://www.nessus.org/u?3bcafed3

Plugin Details

Severity: High

ID: 10387

File Name: cisco_http_dos.nasl

Version: 1.41

Type: remote

Family: CISCO

Published: 4/29/2000

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/14/2000

Vulnerability Publication Date: 5/14/2000

Reference Information

CVE: CVE-2000-0380

BID: 1154

CWE: 20