Earlier today, Cisco released a security advisory concerning the Apache HTTPd DoS vulnerability discussed last week (see here).
Cisco is continuing to evaluate the web services embedded in a number of their devices including their Wireless Control System, some of their Video Surveillance and Video Communication Services, and multiple lines of switches which may contain this vulnerability.
In most of these cases, there are workarounds or other forms of mitigation available (such as restricting the IPs or Hosts which can access the service on affected devices). More information is available at http://www.cisco.com/warp/public/707/cisco-sa-20110830-apache.shtml
Scott Fendley ISC Handler
Aug 30th 2011
8 years ago