[原文]Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.
Cisco 11500 Content Services Switch HTTP Compression DoS
Remote / Network Access
Denial of Service
Loss of Availability
Cisco 11500 series Content Service Switches contains a flaw that may allow a remote denial of service. The issue is triggered when either "a valid, but obsolete" or a "specially crafted" HTTP request is received, and will result in loss of availability for the service. The flaw is only exploitable when HTTP compression is enabled, but it is not clear what role compression plays in exploitation of the flaw.
Upgrade to version 22.214.171.124 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by disabling HTTP compression.