DaveM
08-01-01, 11:52 PM
Code Red can be installed and not be removed by a typical power cycle on these Cisco 67x DSL modems.
QWEST issued a release statement about how to Disable the WEB interface of the modem and/or to Install the latest firmware for the DSL modem with is not CODE RED Vernerable.
If you have this modem, contact your ISP or Cisco to see if you are affected!!!
The following Cisco products may be vulnerable due to side-effects caused by the "Code Red" worm. They are not directly vulnerable to the Microsoft IIS exploit:
http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml
Cisco CSS 11000 series Content Service Switches
Cisco 600 series of DSL routers that have not been patched for a previously published vulnerability.
Various Cisco Network Management products may be installed on Microsoft platforms that may be running a vulnerable version of IIS. Much older versions of CiscoWorks 2000 RWAN/CWSI Campus v2.x and Cisco Voice Manager v1.x are directly vulnerable because IIS was required as a part of the installation. Such systems might be offering HTTP services on default ports. These specific software packages are no longer supported, but are included in this notice to alert customers that might still be using them.
QWEST issued a release statement about how to Disable the WEB interface of the modem and/or to Install the latest firmware for the DSL modem with is not CODE RED Vernerable.
If you have this modem, contact your ISP or Cisco to see if you are affected!!!
The following Cisco products may be vulnerable due to side-effects caused by the "Code Red" worm. They are not directly vulnerable to the Microsoft IIS exploit:
http://www.cisco.com/warp/public/707/cisco-code-red-worm-pub.shtml
Cisco CSS 11000 series Content Service Switches
Cisco 600 series of DSL routers that have not been patched for a previously published vulnerability.
Various Cisco Network Management products may be installed on Microsoft platforms that may be running a vulnerable version of IIS. Much older versions of CiscoWorks 2000 RWAN/CWSI Campus v2.x and Cisco Voice Manager v1.x are directly vulnerable because IIS was required as a part of the installation. Such systems might be offering HTTP services on default ports. These specific software packages are no longer supported, but are included in this notice to alert customers that might still be using them.