The first vulnerability, which has been assigned Cisco bug ID CSCdm03231,
can be used to cause system reloads, and therefore denial of service, using
TCP connections to the routers' TELNET ports.
The second vulnerability has not been assigned a bug ID. 7xx routers running
software versions 3.2(5) through 4.2(3) support a simple HTTP server. This
HTTP server is enabled by default. Unless the server is explicitly disabled,
it can be used to make changes to the router configuration, and/or to gain
information about that configuration. This is intentional behavior, but is
mentioned in this notice because it appears that customers have been caught
unawares by it.
