Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Cisco vulnerability scanning increase

From: Jose Nazario <jose () monkey org>
Date: Fri, 2 Sep 2005 19:20:29 -0400 (EDT)
as noted on the nanog list recently, this vulnerability is from 2001 and
has been fixed in the 12.x releases of IOS.

        http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html

from the advisory:

The workaround for this vulnerability is to disable HTTP server on the
router or to use TACACS+ or Radius for authentication.

To disable HTTP server, use the following commands:

Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# no ip http server





hope this helps,

________
jose nazario, ph.d.                     jose () monkey org
http://monkey.org/~jose/                http://infosecdaily.net/
                                        http://www.wormblog.com/
Previous By Date Next
Previous By Thread Next

Current thread: