• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco IOS 2GB HTTP GET Buffer Overflow Vulnerability

Solution:
Cisco has released fixes for this issue. Some fixes are still pending release. Please see the attached Cisco "Sending 2GB Data in GET Request Causes Buffer Overflow in Cisco IOS Software" document for further information.

Administrators are strongly advised to use any available workarounds until it is possible to apply fixes for affected versions of IOS. Since some fixes are still pending release, arrangements should be made for workarounds to be deployed until the vendor does release fixes for all affected versions.