HTTP: Cisco Catalyst 3500 XL Remote Arbitrary Command
This signature detects attempts to exploit a known vulnerability against Cisco Catalyst 3500 XL. Due to insecure permissions in IOS, attackers can attempt to access a configuration file using an ordinary Web browser through a HTTP connection. Information contained in this file might lead the attackers to further compromise the device or network.
Extended Description
A vulnerability exists in the webserver configuration interface which will allow an anonymous user to execute commands. A http request which includes /exec and a known filename will reveal the contents of the particular file. In addition to disclosing the contents of files, this vulnerability could allow a user to execute arbitrary code.
Affected Products
Cisco catalyst
Short Name
HTTP:CISCO:CATALYST-ARB-CMD
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
3500 Arbitrary CVE-2000-0945 Catalyst Cisco Command Remote XL bid:1846
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Cisco
CVSS Score
10.0