a/ciscohttp2

Date:         Thu, 27 Apr 2000 22:15:33 -0400
From: Jim Duncan <jnduncan@CISCO.COM>
Subject:      Re: Cisco HTTP possible bug:
To: BUGTRAQ@SECURITYFOCUS.COM

-----BEGIN PGP SIGNED MESSAGE-----

Keith Woodworth writes:
> If you have:
>
> ip http server
>
> in your running config (not a great idea to have on a live router IMO) on
> your router and you do:
>
> http://<router-ip>/%%
>
> it crashes said router. I confirmed this on my 1005 running 11.1(24) and
> another fellow said it worked on his 2621 and 2524. Though he didnt give
> IOS versions.
>
> Had to power cycle the 1005 to get it to work again. Couldnt reach it with
> telnet, http or via console cable.
>
> Just an observation.

Yep, it's a defect.  We confirmed it and the development engineers are
working on it right now.  We will post a formal advisory as soon as have a
reasonably complete fixed version section.

A workaround is to turn off management via HTTP by configuring:

    no ip http server

and saving the configuration so that it is not enabled at the next reload.

It would have been *really* nice to receive a direct notification about
this problem instead of posting it publicly.  If Cisco didn't have a
response team or we failed to respond, I could understand posting it
directly to the list.  All of the members of the Cisco Systems Product
Security Incident Response Team endorse the concept of full disclosure
forums like BUGTRAQ -- without them, you have no effective way to force
the vendor to attend to security vulnerabilities -- but simple politeness
should encourage some attempt to contact the responsible vendor before
blasting the vulnerability all over cyberspace.

We will follow up with any additional information as warranted.  Please
send any queries, comments, etc., to psirt@cisco.com and not directly to
me.  Thanks.

	Jim

- --
Jim Duncan, Product Security Incident Manager, Cisco Systems, Inc.
<http://www.cisco.com/warp/public/707/sec_incident_response.shtml>
E-mail: <jnduncan@cisco.com>  Phone(Direct/FAX): +1 919 392 6209

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2

iQB1AwUBOQjzw95wH2yjJs+JAQE8BQMAqvPz6u0hzrLUfHVgmi/z1Cj0PM7a8Kxb
ARnZCYuX5DOX7Ly4jf92GIRxp1w16Z/01wX+4XjrTHJvfOGMfgUODBYNRf4K8T8G
SftFN/PTPwtesOhXLkQo8FCWiDyw/P1g
=AbGZ
-----END PGP SIGNATURE-----