CVE-2002-0792
CVSS5.0
发布时间 :2002-08-12 00:00:00
修订时间 :2008-09-05 16:28:57
NMCOS    

[原文]The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.


[CNNVD]Cisco Content Service Switch HTTPS Post拒绝服务攻击漏洞(CNNVD-200208-139)

        
        Cisco Content Service (CSS)交换机是一款第5和7层相关的交换机,提供对WEB服务的内容缓冲,这些交换机运行WebNS软件。
        Cisco Content Service (CSS)交换机在处理HTTP POST数据时存在漏洞,可导致远程攻击者进行拒绝服务攻击。
        Cisco Content Service (CSS)交换机一般使用8081端口进行WEB管理,攻击者可以发送HTTPS POST请求导致设备重新启动,产生拒绝服务攻击。
        由于此问题发生在验证之前,任意远程攻击者无需认证就可以进行拒绝服务攻击。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:cisco:webns:5.0_0.038sCisco WebNS 5.0 0.038s
cpe:/a:cisco:webns:5.0_1.012sCisco WebNS 5.0 1.012s
cpe:/a:cisco:webns:4.0_1.053sCisco WebNS 4.0 1.053s
cpe:/a:cisco:webns:5.1_0.0.10Cisco WebNS 5.1 0.0.10
cpe:/h:cisco:content_services_switch_11000Cisco Content Service 11000
cpe:/a:cisco:webns:5.0_2.005sCisco WebNS 5.0 2.005s

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0792
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-0792
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200208-139
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/686939
(UNKNOWN)  CERT-VN  VU#686939
http://www.kb.cert.org/vuls/id/330275
(UNKNOWN)  CERT-VN  VU#330275
http://www.securityfocus.com/bid/4748
(VENDOR_ADVISORY)  BID  4748
http://www.securityfocus.com/bid/4747
(VENDOR_ADVISORY)  BID  4747
http://www.iss.net/security_center/static/9083.php
(VENDOR_ADVISORY)  XF  cisco-css-http-dos(9083)
http://www.cisco.com/warp/public/707/css-http-post-pub.shtml
(VENDOR_ADVISORY)  CISCO  20020515 Content Service Switch Web Management HTTP Processing Vulnerabilities

- 漏洞信息

Cisco Content Service Switch HTTPS Post拒绝服务攻击漏洞
中危 其他
2002-08-12 00:00:00 2005-10-20 00:00:00
远程  
        
        Cisco Content Service (CSS)交换机是一款第5和7层相关的交换机,提供对WEB服务的内容缓冲,这些交换机运行WebNS软件。
        Cisco Content Service (CSS)交换机在处理HTTP POST数据时存在漏洞,可导致远程攻击者进行拒绝服务攻击。
        Cisco Content Service (CSS)交换机一般使用8081端口进行WEB管理,攻击者可以发送HTTPS POST请求导致设备重新启动,产生拒绝服务攻击。
        由于此问题发生在验证之前,任意远程攻击者无需认证就可以进行拒绝服务攻击。
        

- 公告与补丁

        临时解决方法:
        如果您不能立刻安装补丁或者升级,CNNVD建议您采取以下措施以降低威胁:
        * 关闭Web管理接口。
        厂商补丁:
        Cisco
        -----
        Cisco已经为此发布了一个安全公告(Cisco-css-http-post)以及相应补丁:
        Cisco-css-http-post:Content Service Switch HTTP Processing Vulnerabilities
        链接:
        http://www.cisco.com/warp/public/707/css-http-post-pub.shtml

        此问题影响运行了WebNS 4.01.053s版本和之前的,5.00.038s版本和之前的, 5.01.012s版本和之前的, 5.02.005s版本和之前的软件。
        已经提供如下升级程序:
        Cisco WebNS 4.0 1.053s:
        Cisco Upgrade WebNS 5.00.045
        此补丁针对WebNS 04.01.053s和之前的版本,也适用与05.00.038s和之前的版本。
        Cisco WebNS 5.0 2.005s:
        Cisco Upgrade WebNS 5.03
        此补丁针对WebNS 05.01.012s和之前的版本, 也适用与05.02.005s和之前的版本。
        Cisco WebNS 5.0 1.012s:
        Cisco Upgrade WebNS 5.03
        此补丁针对WebNS 05.01.012s和之前的版本, 也适用与05.02.005s和之前的版本。
        Cisco WebNS 5.0 0.038s:
        Cisco Upgrade WebNS 5.00.045
        此补丁针对WebNS 04.01.053s和之前的版本,也适用与05.00.038s和之前的版本。
        Cisco WebNS 5.1 0.0.10:
        以上补丁可通过联系CISCO TAC获得:
         * +1 800 553 2447 (来自北美用户的免费电话)
         * +1 408 526 7209 (全球对方付费电话)
         * e-mail: tac@cisco.com

- 漏洞信息

8854
Cisco CSS 11000 Web Interface HTTPS POST DoS
Remote / Network Access Denial of Service
Loss of Availability Upgrade
Exploit Unknown Vendor Verified

- 漏洞描述

Cisco WebNS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker submits a malformed POST or XML data to the web management interface, and will result in loss of availability for the service by rebooting the device.

- 时间线

2002-05-15 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 5.10.0.01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Cisco Content Service Switch XML Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 4748
Yes No
2002-05-15 12:00:00 2009-07-11 12:46:00
This issue was announced in a Cisco Security Advisory.

- 受影响的程序版本

Cisco WebNS 5.1 0.0.10
+ Cisco CSS11000 Content Services Switch
+ Cisco CSS11050 Content Services Switch
+ Cisco CSS11150 Content Services Switch
+ Cisco CSS11501 Content Services Switch
+ Cisco CSS11503 Content Services Switch
+ Cisco CSS11506 Content Services Switch
+ Cisco CSS11800 Content Services Switch
Cisco WebNS 5.0 2.005s
+ Cisco CSS11000 Content Services Switch
+ Cisco CSS11050 Content Services Switch
+ Cisco CSS11150 Content Services Switch
+ Cisco CSS11501 Content Services Switch
+ Cisco CSS11503 Content Services Switch
+ Cisco CSS11506 Content Services Switch
+ Cisco CSS11800 Content Services Switch
Cisco WebNS 5.0 1.012s
+ Cisco CSS11000 Content Services Switch
+ Cisco CSS11050 Content Services Switch
+ Cisco CSS11150 Content Services Switch
+ Cisco CSS11501 Content Services Switch
+ Cisco CSS11503 Content Services Switch
+ Cisco CSS11506 Content Services Switch
+ Cisco CSS11800 Content Services Switch
Cisco WebNS 5.0 0.038s
+ Cisco CSS11000 Content Services Switch
+ Cisco CSS11050 Content Services Switch
+ Cisco CSS11150 Content Services Switch
+ Cisco CSS11501 Content Services Switch
+ Cisco CSS11503 Content Services Switch
+ Cisco CSS11506 Content Services Switch
+ Cisco CSS11800 Content Services Switch
Cisco WebNS 4.0 1.053s
+ Cisco CSS11000 Content Services Switch
+ Cisco CSS11050 Content Services Switch
+ Cisco CSS11150 Content Services Switch
+ Cisco CSS11501 Content Services Switch
+ Cisco CSS11503 Content Services Switch
+ Cisco CSS11506 Content Services Switch
+ Cisco CSS11800 Content Services Switch

- 漏洞讨论

The Cisco Content Service (CSS) switch is a Layer 5 and 7 aware switch capable of providing a front-end to web server farms and caches. These switches run WebNS software.

It is possible to cause some Cisco Content Service Switches (CSS) to reboot by sending XML data to the web management interface of the device.

The CSS 11000 series switches are known to be affected by this vulnerability.

- 漏洞利用

There is no exploit code required.

- 解决方案

This issue affects devices running WebNS versions 4.01.053s and earlier, 5.00.038s and earlier, 5.01.012s and earlier, and versions 5.02.005s and earlier. Upgrades are pending for WebNS 5.10.0.01.

The following upgrades have been made available:


Cisco WebNS 4.0 1.053s
  • Cisco WebNS 5.00.045
    This upgrade applies to WebNS versions 04.01.053s and earlier, and also 05.00.038s and earlier.


Cisco WebNS 5.0 1.012s
  • Cisco WebNS 5.03
    This upgrade applies to WebNS versions 05.01.012s and earlier, and also 05.02.005s and earlier.


Cisco WebNS 5.0 0.038s
  • Cisco WebNS 5.00.045
    This upgrade applies to WebNS versions 04.01.053s and earlier, and also 05.00.038s and earlier.


Cisco WebNS 5.0 2.005s
  • Cisco WebNS 5.03
    This upgrade applies to WebNS versions 05.01.012s and earlier, and also 05.02.005s and earlier.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站