Re: Code red II crashes cisco 678

From: brian_carpioat_private
Date: Mon Aug 06 2001 - 11:15:52 PDT

  • Next message: bjarne bingo: "Re: Code red II crashes cisco 678"

    Seems that the problem also occurs on Cisco 675 even if the web interface
    is dissabled.. the way I fixes this was to deny all trafic DIRECTLY to the
    routers IP and wan0-0 interface this still allows the boxes behind the
    router to be accessable from the internet (for instance if you have a web
    server etc..) but the code red will not crash the router any more. 
    
    I was told that all I needed to do was dissable the web interface on the
    router and i was fine in my case that seemed to be incorrect.. 
    
    --------------
    Brian Carpio
    CSG Systems Inc.
    Open Systems Unix System Admin
    
    x3317
    --------------
    
    --- Security is a Process NOT a Product ----
    
    On Mon, 6 Aug 2001, Blue Boar wrote:
    
    > We've got reported crashes for Cisco DSL router, HP JetDirect
    > print servers, Xylan Omniswitch, and 3com CoreBuilder 3500, all from
    > Code Red(s).  
    > 
    > Note to Code Red authors: Umm... that's some impressive random noise
    > web server testing there guys...
    > 
    > Anyway, has anyone explored whether these crashes are exploitable
    > beyond DoS?
    > 
    > 					BB
    > 
    



    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 12:45:16 PDT