Reported January 09, 2002, by Cisco Systems.
VERSIONS AFFECTED
-
Cisco SN 5420 Storage Router software 1.1(5) and all preceding versions
DESCRIPTION
Three
vulnerabilities exist in the Cisco SN 5420 Storage Router software. With the
first problem, an attacker can cause a Denial of Service (DoS) condition and
crash the device by sending huge headers in an HTTP request. The second
vulnerability lets an intruder cause a DoS condition by sending a fragmented
packet over the gigabit interface. The third vulnerability lets an unauthorized
person access the stored configuration information.
VENDOR RESPONSE
Cisco Systems has issued a notice regarding this vulnerability. Cisco Systems recommends that customers obtain a firmware upgrade through Cisco distribution channels.
CREDIT
Discovered by Cisco Systems.