Re: Two birds with one worm.

From: Emre Yildirim (emreat_private)
Date: Thu Jul 19 2001 - 13:16:46 PDT

Next message: bugzillaat_private: "[RHSA-2001:093-03] Updated procmail packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1"

Previous message: aleph1at_private: "HPSBUX0107-162 & HPSBUX0107-161"
In reply to: Jason Hansen: "Two birds with one worm."
Next in thread: Harris, Michael C.: "Re: Two birds with one worm."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> It looks like the "Code Red" worm has the added side effect of crashing
> Cisco (675/678) DSL CPEs running any CBOS prior to 2.4.1. The GET it
> sends looking for IIS servers hardlocks any modem with the web
> management interface enabled.
>
> CBOS v2.4.2 is unaffected.  Also, turning off the web interface with
> 'set web disabled' also prevents the crashes.

I think this is an old bug in the Cisco DSL routers, and not really directly
related to the "code red" worm.  If the router runs an old version of
CBOS, justissuing GET ? will lock it up.  Like you mentioned, the best thing would
be todisable the web interface or upgrade the firmware.

Take a look at Bugtraq ID 2012 and this post from the archives:

http://www.securityfocus.com/frames/?content=/templates/archive.pike%
3Flist%3D1%26mid%3D147562

It might be related.
Cheers,

--
emreat_private

Next message: bugzillaat_private: "[RHSA-2001:093-03] Updated procmail packages available for Red Hat Linux 5.2, 6.2, 7 and 7.1"
Previous message: aleph1at_private: "HPSBUX0107-162 & HPSBUX0107-161"
In reply to: Jason Hansen: "Two birds with one worm."
Next in thread: Harris, Michael C.: "Re: Two birds with one worm."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 14:43:08 PDT