Cisco 11500 Content Services Switch HTTP Compression Remote Denial of Service Vulnerability

Bugtraq ID:	17383
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Apr 05 2006 12:00AM
Updated:	Apr 05 2006 10:58PM
Credit:	Reported by the vendor.
Vulnerable:	Cisco CSS11500 Content Services Switch 7.30 (00.09)S Cisco CSS11500 Content Services Switch 7.30 (00.08)S Cisco CSS11500 Content Services Switch 7.20 (03.10)S Cisco CSS11500 Content Services Switch 7.20 (03.09)S Cisco CSS11500 Content Services Switch 7.10 (05.07)S Cisco CSS11500 Content Services Switch 7.5 Cisco CSS11500 Content Services Switch 7.4 Cisco CSS11500 Content Services Switch
Not Vulnerable:

Cisco 11500 Content Services Switch HTTP Compression Remote Denial of Service Vulnerability

Cisco 11500 Content Services Switch is prone to a remote denial-of-service vulnerability.

A successful attack can allow an attacker to trigger a reload on the device. A sustained denial-of-service condition can also arise due to repeated attacks.

Cisco 11500 Content Services Switch HTTP Compression Remote Denial of Service Vulnerability


An attacker may use readily available network utilities to carry out this attack.

Cisco 11500 Content Services Switch HTTP Compression Remote Denial of Service Vulnerability

Solution:

Cisco has released an advisory with fix information to address this issue. Please see the references for more information.

Cisco 11500 Content Services Switch HTTP Compression Remote Denial of Service Vulnerability

References:

• CSS 11500 Series Content Services Switches Product Page (Cisco)
  
• Cisco Security Advisory: Cisco 11500 Content Services Switch HTTP Request Vulner (Cisco Systems Product Security Incident Response Team )