Reported June 27, 2001, by Cisco Systems.
All Cisco Products using the Internetwork Operating System release 11.3 or later, including (but not limited to):
800, 1000, 1005, 1400, 1600, 1700, 2500, 2600, 3600, MC3810, 4000, 4500, 4700, 6200, 6400 NRP, 6400 NSP series Cisco routers
ubr900 and ubr920 universal broadband routers
Catalyst 2900 ATM, 2900XL, 2948g, 3500XL, 4232, 4840g, 5000 RSFC series switches
5200, 5300, 5800 series access servers
Catalyst 6000 MSM, 6000 Hybrid Mode, 6000 Native Mode, 6000 Supervisor Module, Catalyst ATM Blade
RSM, 7000, 7010, 7100, 7200, ubr7200, 7500, 10000 ESR, and 12000 GSR series Cisco routers
Catalyst 8510CSR, 8510MSR, 8540CSR, 8540MSR series switches
A vulnerability exists in Cisco’s Internetwork Operating System HTTP server that lets an unauthorized user bypass authentication and exercise complete control over the device by sending a crafted URL. An attacker can exploit this vulnerability only by using a local database for authentication (with usernames and passwords being defined on the device itself). Although using the same URL would not be effective against every Cisco Internet Operating System software and hardware combination, 84 different combinations are possible.
Cisco has issued a notice regarding this vulnerability. To work around this problem, users can disable the HTTP server on the router, or use another authentication method (e.g., RADIUS). The company recommends that users obtain a firmware upgrade through the Software Center on Cisco's Web site or through Cisco's distribution channels.
Discovered by Cisco Systems.