The Cisco Content Service Switch contains a denial-of-service vulnerability that allows remote attackers to reboot affected devices.
The Cisco Content Service Switch (CSS) products include support for the session and application layers. This additional functionality allows a CSS device to make packet switching decisions based on packet contents (such as HTML tags) rather than relying solely upon packet header information.
The CSS 11000 series switch contains a vulnerability that causes the device to reboot when an HTTPS POST request is sent to its web management interface. Please note that this vulnerability can be exploited by unauthenticated attackers.
This vulnerability allows arbitrary remote attackers to reboot affected devices, creating a denial-of-service condition.
Apply a patch from Cisco
Prevent access to the web management interface
This document was written by Jeffrey P. Lanza based on information provided by Cisco Systems.
|Date First Published:||2002-05-22|
|Date Last Updated:||2002-05-30 14:37 UTC|