Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2000-0984 | First vendor Publication | 2000-12-19 |
| Vendor | Cve | Last vendor Modification | 2018-05-03 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0984 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5918 | |||
| Oval ID: | oval:org.mitre.oval:def:5918 | ||
| Title: | Cisco IOS HTTP Server Query Vulnerability | ||
| Description: | The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | ||
| Family: | ios | Class: | vulnerability |
| Reference(s): | CVE-2000-0984 | Version: | 1 |
| Platform(s): | Cisco IOS | Product(s): | |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 6717 | Cisco IOS HTTP Server ?/ String Local DoS Cisco devices running IOS software may be prone to a denial of service attack if a URL containing the question mark followed by a slash (?/) is requested. The device will enter an infinite loop when the supplied with the URL containing a "?/" and an enable password. Subequently, the router or switch will crash in two minutes after the watchdog timer has expired and will then reload. In certain cases the device will not reload and restart. In such a case, however, a manual restart would be required to regain normal functionality. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-09-01 | Name : The remote device is missing a vendor-supplied security patch File : cisco-sa-20001025-ios-http-server-queryhttp.nasl - Type : ACT_GATHER_INFO |
| 2001-05-29 | Name : The remote switch has a denial of service vulnerability. File : cisco-view-source-dos.nasl - Type : ACT_KILL_HOST |
Sources (Detail)
| Source | Url |
|---|---|
| BID | http://www.securityfocus.com/bid/1838 |
| CISCO | http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml |
| XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/5412 |
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:01:12 |
|
| 2021-04-22 01:01:25 |
|
| 2020-05-23 00:14:28 |
|
| 2018-05-03 09:19:24 |
|
| 2014-02-17 10:23:21 |
|
| 2013-05-11 12:01:57 |
|
