CWE
399
Advisory Published
Updated

CVE-2013-1100

First published: Wed Feb 13 2013(Updated: )

The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port (1) 80 or (2) 443, aka Bug ID CSCuc53853.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco IOS
Cisco Catalyst 2820
Cisco Catalyst 2820=9.0_0.07
Cisco Catalyst 2900
Cisco Catalyst 2900=lre_xl
Cisco Catalyst 2900=xl
Cisco Catalyst 2900
Cisco Catalyst 2900 XL
Cisco 2901
Cisco Catalyst 2902
Cisco Catalyst 2920
Cisco Catalyst 2926
Cisco Catalyst 2926f
Cisco Catalyst 2926gl
Cisco Catalyst 2926gs
Cisco Catalyst 2926t
Cisco Catalyst 2940
Cisco Catalyst 2948G
Cisco Catalyst 2948G
Cisco Catalyst 2948G
Cisco Catalyst 2948 GE TX
Cisco Catalyst 2950 LRE
Cisco Catalyst 2950 LRE
Cisco Catalyst 2955
Cisco Catalyst 2970
Cisco Catalyst 2980G-A
Cisco Catalyst 2980G
Cisco Catalyst 3000
Cisco Catalyst 3200
Cisco Catalyst 3500
Cisco Catalyst 3500
Cisco Catalyst 3500
Cisco Catalyst 3550
Cisco Catalyst 3560
Cisco Catalyst 3560
Cisco Catalyst 3560
Cisco Catalyst 3750
Cisco Catalyst 3750e-48pd-s
Cisco Catalyst 3750X-24P-L
Cisco Catalyst 3750 Metro
Cisco Catalyst 3750G
Cisco Catalyst 3900
Cisco Catalyst 4000
Cisco Catalyst 4200
Cisco Catalyst 4224
Cisco Catalyst 4232
Cisco Catalyst 4232
Cisco Catalyst 4500
Cisco Catalyst 4503-e
Cisco Catalyst 4506-E
Cisco Catalyst 4507R/E
Cisco Catalyst 4510R+E
Cisco Catalyst 4840G
Cisco Catalyst 4908G-L3
Cisco Catalyst 4912G
Cisco Catalyst 4948e Ethernet Switch
Cisco Catalyst 5000
Cisco Catalyst 5500
Cisco Catalyst 5505
Cisco Catalyst 5509
Cisco Catalyst 6000
Cisco Catalyst 6000=2.2\(1a\)
Cisco Catalyst 6000=3.1\(1a\)
Cisco Catalyst 6000 ws-svc-nam-2=2.2\(1a\)
Cisco Catalyst 6000 ws-svc-nam-2=3.1\(1a\)
Cisco Catalyst 6500 ws-x6380-nam=2.1\(2\)
Cisco Catalyst 6500 ws-x6380-nam=3.1\(1a\)
Cisco Catalyst 6500-E
Cisco Catalyst 6500 Wireless Services Module=2.2\(1a\)
Cisco Catalyst 6500 Wireless Services Module=3.1\(1a\)
Cisco Catalyst 6000 ws-svc-nam-2=2.2\(1a\)
Cisco Catalyst 6000 ws-svc-nam-2=3.1\(1a\)
Cisco Catalyst 6500 Series Switches=2.1\(2\)
Cisco Catalyst 6500 Series Switches=3.1\(1a\)
cisco catalyst 6503-e firmware
Cisco Catalyst 6504-E Firmware
Cisco Catalyst 6506-E Firmware
Cisco Catalyst 6509-E Firmware
Cisco Catalyst 6509-NEB-A Firmware
Cisco Catalyst 6509-V-E
Cisco Catalyst 6513
Cisco Catalyst 6513
Cisco Catalyst 6608
Cisco Catalyst 6624
Cisco Catalyst 7600 Series
Cisco Catalyst 7600=2.2\(1a\)
Cisco Catalyst 7600=3.1\(1a\)
Cisco Catalyst 7600=2.2\(1a\)
Cisco Catalyst 7600=3.1\(1a\)
Cisco Catalyst 7600 Series=2.1\(2\)
Cisco Catalyst 7600 Series=3.1\(1a\)
Cisco Catalyst 8500L Series Router
Cisco Catalyst 8510 CSR
Cisco Catalyst 8510MSR
Cisco Catalyst 8540CSR
Cisco Catalyst 8540MSR
Cisco Catalyst WS-C2924-XL

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2013-1100?

    CVE-2013-1100 has been rated as a medium severity issue due to its potential to cause a denial of service.

  • How does CVE-2013-1100 affect Cisco devices?

    CVE-2013-1100 allows remote attackers to crash affected Cisco IOS devices by sending crafted packets to TCP ports 80 or 443.

  • How do I fix CVE-2013-1100?

    To address CVE-2013-1100, apply the appropriate security patches or updates provided by Cisco for affected IOS versions.

  • Which Cisco devices are impacted by CVE-2013-1100?

    CVE-2013-1100 affects Cisco IOS running on various Catalyst switches.

  • Can CVE-2013-1100 be exploited remotely?

    Yes, CVE-2013-1100 can be exploited remotely by sending specially crafted packets.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203