Cisco CatOS CiscoView HTTP Server存在缓冲溢出发布时间:2002-10-21 更新时间:2002-10-21 严重程度:中 威胁程度:远程拒绝服务 错误类型:边界检查错误 利用方式:服务器模式 BUGTRAQ ID:5976 受影响系统 Cisco CatOS 5.4详细描述 部分Cisco CatOS包含的HTTP服务程序存在拒绝服务攻击。 攻击者可以提交超长的HTTP查询,由于缓冲溢出而产生交换机复位。 默认情况下HTTP服务程序关闭。 测试代码 无 解决方案 补丁下载: Cisco CatOS 5.4: Cisco CatOS 5.5 (13a): Cisco Upgrade CatOS 5.5(16.2) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco Upgrade CatOS 5.5(17) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco CatOS 5.5: Cisco Upgrade CatOS 5.5(16.2) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco Upgrade CatOS 5.5(17) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco CatOS 6.1 (2): Cisco Upgrade CatOS 6.3(8.3) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco Upgrade CatOS 6.3(9) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco CatOS 6.1: Cisco Upgrade CatOS 6.3(8.3) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco Upgrade CatOS 6.3(9) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco CatOS 7.3: Cisco CatOS 7.4: Cisco Upgrade CatOS 7.4(0.63) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml Cisco Upgrade CatOS 7.4(1) http://www.cisco.com/kobayashi/sw-center/sw-lan.shtml 相关信息 Cisco Security Advisory. 参考:http://online.securityfocus.com/advisories/4564 |
