iDefense Alert: Cisco Web Administration DDoS VulnerabilityBy David Morgenstern | Print
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
iDefense Inc. on Thursday reported a design error vulnerability in Cisco Systems Inc.' 600 series Web Administration service that opens the router up to a distributed denial-of-service condition.Security intelligence firm iDefense Inc. on April 1, reported that remote exploitation of a design error vulnerability in Cisco Systems Inc.' 600 series Web Administration service allows for a distributed-denial-of-service (DDoS) condition. The company rated the severity of this security event as high.
The Web Administration service on the Cisco 627, 633, 673, 675, 675E, 677, 677i and 678 routers are unable to properly handle multiple 'GET' requests from separate clients. When the Cisco 600 series router is accessed via the HTTP protocol (TCP port 80) through multiple connections, the Cisco 600 series router will fail, the Reston, Va.-based security company said in Thursday's alert report.
"The Cisco 600 series router will stop routing data and will also stop responding to configuration requests via the web interface. The Cisco 600 series routers commonly ship with the web interface enabled by default, and many ISPs provide them to customers in this default configuration," the report stated.