First published: Wed Feb 13 2013(Updated: )
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco IOS | ||
Cisco Catalyst 2820 | ||
Cisco Catalyst 2820 | =9.0_0.07 | |
Cisco Catalyst 2900 | ||
Cisco Catalyst 2900 | =lre_xl | |
Cisco Catalyst 2900 | =xl | |
Cisco Catalyst 2900 | ||
Cisco Catalyst 2900 XL | ||
Cisco 2901 | ||
Cisco Catalyst 2902 | ||
Cisco Catalyst 2920 | ||
Cisco Catalyst 2926 | ||
Cisco Catalyst 2926f | ||
Cisco Catalyst 2926gl | ||
Cisco Catalyst 2926gs | ||
Cisco Catalyst 2926t | ||
Cisco Catalyst 2940 | ||
Cisco Catalyst 2948G | ||
Cisco Catalyst 2948G | ||
Cisco Catalyst 2948G | ||
Cisco Catalyst 2948 GE TX | ||
Cisco Catalyst 2950 LRE | ||
Cisco Catalyst 2950 LRE | ||
Cisco Catalyst 2955 | ||
Cisco Catalyst 2970 | ||
Cisco Catalyst 2980G-A | ||
Cisco Catalyst 2980G | ||
Cisco Catalyst 3000 | ||
Cisco Catalyst 3200 | ||
Cisco Catalyst 3500 | ||
Cisco Catalyst 3500 | ||
Cisco Catalyst 3500 | ||
Cisco Catalyst 3550 | ||
Cisco Catalyst 3560 | ||
Cisco Catalyst 3560 | ||
Cisco Catalyst 3560 | ||
Cisco Catalyst 3750 | ||
Cisco Catalyst 3750e-48pd-s | ||
Cisco Catalyst 3750X-24P-L | ||
Cisco Catalyst 3750 Metro | ||
Cisco Catalyst 3750G | ||
Cisco Catalyst 3900 | ||
Cisco Catalyst 4000 | ||
Cisco Catalyst 4200 | ||
Cisco Catalyst 4224 | ||
Cisco Catalyst 4232 | ||
Cisco Catalyst 4232 | ||
Cisco Catalyst 4500 | ||
Cisco Catalyst 4503-e | ||
Cisco Catalyst 4506-E | ||
Cisco Catalyst 4507R/E | ||
Cisco Catalyst 4510R+E | ||
Cisco Catalyst 4840G | ||
Cisco Catalyst 4908G-L3 | ||
Cisco Catalyst 4912G | ||
Cisco Catalyst 4948e Ethernet Switch | ||
Cisco Catalyst 5000 | ||
Cisco Catalyst 5500 | ||
Cisco Catalyst 5505 | ||
Cisco Catalyst 5509 | ||
Cisco Catalyst 6000 | ||
Cisco Catalyst 6000 | =2.2\(1a\) | |
Cisco Catalyst 6000 | =3.1\(1a\) | |
Cisco Catalyst 6000 ws-svc-nam-2 | =2.2\(1a\) | |
Cisco Catalyst 6000 ws-svc-nam-2 | =3.1\(1a\) | |
Cisco Catalyst 6500 ws-x6380-nam | =2.1\(2\) | |
Cisco Catalyst 6500 ws-x6380-nam | =3.1\(1a\) | |
Cisco Catalyst 6500-E | ||
Cisco Catalyst 6500 Wireless Services Module | =2.2\(1a\) | |
Cisco Catalyst 6500 Wireless Services Module | =3.1\(1a\) | |
Cisco Catalyst 6000 ws-svc-nam-2 | =2.2\(1a\) | |
Cisco Catalyst 6000 ws-svc-nam-2 | =3.1\(1a\) | |
Cisco Catalyst 6500 Series Switches | =2.1\(2\) | |
Cisco Catalyst 6500 Series Switches | =3.1\(1a\) | |
cisco catalyst 6503-e firmware | ||
Cisco Catalyst 6504-E Firmware | ||
Cisco Catalyst 6506-E Firmware | ||
Cisco Catalyst 6509-E Firmware | ||
Cisco Catalyst 6509-NEB-A Firmware | ||
Cisco Catalyst 6509-V-E | ||
Cisco Catalyst 6513 | ||
Cisco Catalyst 6513 | ||
Cisco Catalyst 6608 | ||
Cisco Catalyst 6624 | ||
Cisco Catalyst 7600 Series | ||
Cisco Catalyst 7600 | =2.2\(1a\) | |
Cisco Catalyst 7600 | =3.1\(1a\) | |
Cisco Catalyst 7600 | =2.2\(1a\) | |
Cisco Catalyst 7600 | =3.1\(1a\) | |
Cisco Catalyst 7600 Series | =2.1\(2\) | |
Cisco Catalyst 7600 Series | =3.1\(1a\) | |
Cisco Catalyst 8500L Series Router | ||
Cisco Catalyst 8510 CSR | ||
Cisco Catalyst 8510MSR | ||
Cisco Catalyst 8540CSR | ||
Cisco Catalyst 8540MSR | ||
Cisco Catalyst WS-C2924-XL |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-1100 has been rated as a medium severity issue due to its potential to cause a denial of service.
CVE-2013-1100 allows remote attackers to crash affected Cisco IOS devices by sending crafted packets to TCP ports 80 or 443.
To address CVE-2013-1100, apply the appropriate security patches or updates provided by Cisco for affected IOS versions.
CVE-2013-1100 affects Cisco IOS running on various Catalyst switches.
Yes, CVE-2013-1100 can be exploited remotely by sending specially crafted packets.