Cisco Bug: CSCuq45239 - lighttpd crash
Sep 17, 2019
- Cisco Carrier Routing System
- Cisco NCS 6008 - 8-Slot Chassis
- Cisco IOS XR Software
Known Affected Releases
Symptom: The vulnerability is due to a race condition while handling TCP sessions to the lighttpd module on the affected Cisco IOS XR device. An attacker could exploit this vulnerability by sending a number of TCP sessions to be established with the lighttpd server on the affected device. An exploit could allow the attacker to cause a reload of the lighttpd process. Conditions: Device configured with Lighthttp listening process.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases