Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
546
Views
0
Helpful
1
Replies

Vulnerabilities Apache ciscoworks LMS2.5

alfonso.cornejo
Level 3
Level 3

‎01-26-2009 08:00 AM

Hi to all,

The security department of my customer site ran a Vulnerability test on the LMS server and they found this:

Level High

Apache Speculative Mode Denial Of Service

Apache mod_ssl Plain HTTP Request DoS

Level Medium

Apache 1.3.x Multiple Vulnerabilities

Apache Environment Variable Conf File Buffer Overflow

CHARGEN service (Simple TCP Services on Windows) - REMOTE

Apache mod_alias and mod_rewrite Buffer Overflow

Is there a patch or a procedure that I can perform in order to fix this vulnerabilities???

Thanks in advance for your help.

Labels:
0 Helpful
1 Reply 1

Joe Clarke
Cisco Employee
Cisco Employee

‎01-26-2009 09:48 AM

You'll need to upgrade to LMS 2.6 SP1 first. Once there, you will be eligible for the upcoming Apache 1.3.41 update (fix for CSCsx09107). LMS 2.6 can be downloaded from http://www.cisco.com/cgi-bin/tablebuild.pl/lms26 , and the SP1 components can be downloaded from within Common Services > Software Center > Software Update.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents