Cisco Systems Inc. Information for VU#683677
Cisco IOS software vulnerable to DoS via HTTP request containing "?/"
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 09 Nov 2000
From the Cisco Advisory:
Cisco devices that may be running with affected IOS software releases include:
- Cisco routers in the AGS/MGS/CGS/AGS+, IGS, RSM, 800, ubr900, 1000, 1400, 1500, 1600, 1700, 2500, 2600, 3000, 3600, 3800, 4000, 4500, 4700, AS5200, AS5300, AS5800, 6400, 7000, 7200, ubr7200, 7500, and 12000 series.
- Most recent versions of the LS1010 ATM switch.
- The Catalyst 6000 if it is running IOS.
- The Catalyst 2900XL LAN switch only if it is running IOS.
- The Catalyst 1900, 2800, 2900, 3000, and 5000 series LAN switches are affected.
- The Cisco DistributedDirector.
If you are not running Cisco IOS software, you are not affected by this vulnerability.
Cisco products that do not run Cisco IOS software and are not affected by this defect include, but are not limited to:
- 700 series dialup routers (750, 760, and 770 series) are not affected.
- The Catalyst 6000 is not affected if it is not running IOS.
- WAN switching products in the IGX and BPX lines are not affected.
- The MGX (formerly known as the AXIS shelf) is not affected.
- No host-based software is affected.
- The Cisco PIX Firewall is not affected.
- The Cisco LocalDirector is not affected.
- The Cisco Cache Engine is not affected.
The vendor has not provided us with any further information regarding this vulnerability.
For the latest information on this vulnerability, please consult Cisco's web site at:
If you have feedback, comments, or additional information about this vulnerability, please send us email.