exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New


Posted Mar 17, 1999


SHA-256 | ec18f8630adbdcb9eddafd6c28302af79c7b7e7ac3b1498eb8e451b8c84b8561


Change Mirror Download

From xforce@ISS.NET Sun Mar 14 05:19:11 1999
From: X-Force <xforce@ISS.NET>
To: BUGTRAQ@netspace.org
Date: Thu, 11 Mar 1999 11:44:28 -0500
Subject: ISS Security Advisory: Remote Reconfiguration and Denial of Service Vulnerabilities in Cisco 700 ISDN Routers


ISS Security Advisory
March 11, 1999

Remote Reconfiguration and Denial of Service Vulnerabilities in Cisco 700
ISDN Routers


Internet Security Systems (ISS) X-Force has discovered several
vulnerabilities in Cisco Series 700 routers. The Cisco 700 series is
popular among corporate users and telecommuters. It is used to support
networks in small offices or home offices. It is also recommended by
Internet Service Providers (ISPs) for personal ISDN connectivity. Remote
attackers may issue commands to the router without authentication. Remote
attackers may also deny network connectivity by forcing the router to

Affected Versions:

All versions of IOS/700 on all Cisco 700 series routers are vulnerable. The
700 series includes all models in the 760 and 770 series including the 762M,
766M, 772M, and the 776M. All international models in this series are also


The Cisco 700 series was formerly known as the Combinet 750 series. Cisco
acquired Combinet and repackaged its products as the Cisco 700 series. The
Cisco 700 series runs a non-traditional Cisco operating system. This
advisory is
limited to Cisco 700 series routers only.

Attackers may also take advantage of remote reconfiguration vulnerabilities
in ClickStart. ClickStart is a small embedded web server in the IOS/700
that allows for easy remote configuration. ClickStart may allow remote
attackers to connect to the router via its web server and issue certain
commands to the router. Attackers may also learn which type of switch is
connected to the router, as well as the telephone numbers for the ISDN
lines. Hackers may use this information to launch further attacks.

ClickStart does not attempt to authenticate users that connect to the web
server, nor does it automatically filter connection attempts from outside
the currently configured subnet. The 700s have the ability to filter these
attacks. For detailed filtering information, users must refer to Cisco's
on-line documentation.

Cisco 700 series is vulnerable to remote resource starvation attacks that
can immediately force the router to panic and reboot. These attacks can be
repeated indefinitely to permanently deny service to the router. The Cisco
700 series is also vulnerable to similar well-known denial of service


The ClickStart option is always set to "on" unless it is explicitly turned
off. The following command will disable ClickStart:

Router> set clickstart off

All affected users are urged to review the "For More Information" section of
this advisory. Cisco urges all Cisco 77x and 76x users to upgrade to
IOS/700 version 4.3(1). This version is not supported by the Cisco 75x
routers. All service contract customers may download updates at the
following address:


Non-contract customers should contact Cisco Technical Assistance Center
(TAC). TAC contacts are as follows:

* +1 800 553 2447 (toll-free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com

For more information:

Cisco has compiled a document entitled "Cisco 7xx TCP and HTTP
Vulnerabilities" that contains more specific information, as well as
workarounds for these vulnerabilities. It is available at the following


More extensive online documentation for the Cisco 700 series is available



These vulnerabilities were primarily researched by Dan Ingevaldson of the
ISS X-Force. ISS appreciates the assistance of the individuals at Cisco


Copyright (c) 1999 by Internet Security Systems, Inc. Permission is
hereby granted for the electronic redistribution of this Security Alert.
It is not to be edited in any way without express consent of the X-Force.
If you wish to reprint the whole or any part of this Alert Summary in any
other medium excluding electronic medium, please e-mail xforce@iss.net for

Internet Security Systems, Inc. (ISS) is the leading provider of adaptive
network security monitoring, detection, and response software that
protects the security and integrity of enterprise information systems. By
dynamically detecting and responding to security vulnerabilities and
threats inherent in open systems, ISS's SAFEsuite family of products
provide protection across the enterprise, including the Internet,
extranets, and internal networks, from attacks, misuse, and security
policy violations. ISS has delivered its adaptive network security
solutions to organizations worldwide, including firms in the Global 2000,
nine of the ten largest U.S. commercial banks, and over 35 governmental
agencies. For more information, call ISS at 678-443-6000 or 800-776-2362
or visit the ISS Web site at http://www.iss.net..

The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.

X-Force PGP Key available at: http://www.iss.net/xforce/sensitive.html
as well as on MIT's PGP key server and PGP.com's key server.

Please send suggestions, updates, and comments to:
X-Force <xforce@iss.net> of Internet Security Systems, Inc.

Version: 2.6.3a
Charset: noconv

Login or Register to add favorites

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By