RE: Cisco vulnerability scanning increase

From: Jose Nazario (jose_at_monkey.org)
Date: 09/03/05

  • Next message: NotPhunny Dude: "Re: Cisco vulnerability scanning increase"
    Date: Fri, 2 Sep 2005 19:20:29 -0400 (EDT)
    To: incidents@securityfocus.com
    
    

    as noted on the nanog list recently, this vulnerability is from 2001 and
    has been fixed in the 12.x releases of IOS.

            http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html

    from the advisory:

    The workaround for this vulnerability is to disable HTTP server on the
    router or to use TACACS+ or Radius for authentication.

    To disable HTTP server, use the following commands:

    Router# configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    Router(config)# no ip http server

    hope this helps,

    ________
    jose nazario, ph.d. jose@monkey.org
    http://monkey.org/~jose/ http://infosecdaily.net/
                                            http://www.wormblog.com/


  • Next message: NotPhunny Dude: "Re: Cisco vulnerability scanning increase"

    Relevant Pages