Oval Definition:	oval:org.mitre.oval:def:5826
Revision Date: 2008-09-08 Version: 1 Title: Cisco Multiple Router Products Web Setup Configuration Error Vulnerability Description: The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190. Family: ios Class: vulnerability Status: ACCEPTED Reference(s): CVE-2006-3595 Platform(s): Cisco IOS Product(s): Definition Synopsis config contains: ^\s*ip http AND NOT config contains: enable secret AND NOT config contains: ^\s*ip http authentication AND NOT config contains: enable password
BACK