Cisco.600.Series.Web.Administration.DoS
Description
It indicates an attempt to exploit a Denial of Service vulnerability in some versions of CiscoSecure ACS for Windows NT.
The vulnerability is due to an error when handling a malformed HTTP GET requests on the telnet port. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.
Affected Products
Cisco CBOS 2.3.8
Cisco CBOS 2.3.7
Cisco CBOS 2.3.5
Cisco CBOS 2.3.2
Cisco CBOS 2.3
Cisco CBOS 2.2.1 a
Cisco CBOS 2.2.1
Cisco CBOS 2.2
Cisco CBOS 2.1 a
Cisco CBOS 2.1
Cisco CBOS 2.0.1
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Upgrade to the latest version.
http://www.cisco.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |