Published: 26/04/2000 Updated: 10/09/2008

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 715

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

The IOS HTTP service in Cisco routers and switches running IOS 11.1 up to and including 12.1 allows remote malicious users to cause a denial of service by requesting a URL that contains a %% string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 11.2\\(9\\)p
cisco ios 11.2\\(9\\)xa
cisco ios 11.2p
cisco ios 11.3
cisco ios 12.0\\(2\\)xf
cisco ios 12.0\\(2\\)xg
cisco ios 12.0\\(3\\)t2
cisco ios 12.0\\(4\\)
cisco ios 12.0\\(4\\)s
cisco ios 11.2\\(10\\)bc
cisco ios 11.2\\(4\\)f1
cisco ios 11.2\\(8\\)p
cisco ios 11.3\\(1\\)
cisco ios 11.3\\(1\\)t
cisco ios 12.0\\(2\\)
cisco ios 12.0\\(2\\)xd
cisco ios 12.0\\(5\\)
cisco ios 12.0\\(6\\)
cisco ios 12.0s
cisco ios 11.1
cisco ios 11.2
cisco ios 11.2\\(10\\)
cisco ios 12.0
cisco ios 12.0\\(1\\)w
cisco ios 12.0\\(1\\)xa3
cisco ios 12.0\\(1\\)xb
cisco ios 12.0\\(7\\)t
cisco ios 12.0\\(8\\)
cisco ios 12.0\\(9\\)s
cisco ios 12.0db
cisco ios 11.2\\(17\\)
cisco ios 11.2\\(8\\)
cisco ios 11.3\\(1\\)ed
cisco ios 11.3t
cisco ios 12.0\\(1\\)xe
cisco ios 12.0\\(2\\)xc
cisco ios 12.0\\(4\\)t
cisco ios 12.0\\(5\\)t1
cisco ios 12.0t

#source: wwwsecurityfocuscom/bid/1154/info # #A denial of service attack exists in versions of Cisco IOS, running on a variety of different router hardware If the router is configured to have a web server running for configuration and other information a user can cause the router to crash # #!/usr/bin/perl ## # Cisco Global Exploiter # ...

CWE-20 http://archives.neohapsis.com/archives/bugtraq/2000-04/0261.html http://www.cisco.com/warp/public/707/ioshttpserver-pub.shtml http://www.securityfocus.com/bid/1154 http://www.osvdb.org/1302 https://nvd.nist.gov https://www.exploit-db.com/exploits/19882/https://www.kb.cert.org/vuls/id/24346

CVE-2000-0380

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect