[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cisco IOS vulnerability

To: afnog at afnog.org
Subject: Cisco IOS vulnerability
From: Brian Candler <B.Candler at pobox.com>
Date: Wed, 25 Jul 2001 17:31:39 +0100
Content-Disposition: inline
Content-Type: text/plain; charset=us-ascii
Delivered-To: archive at [216.129.132.164]
Delivered-To: <afnog at afnog.org>
Sender: owner-afnog at uol.co.ug
User-Agent: Mutt/1.2.5i

Anyone with a Cisco switch or router needs to read this:
http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html

Basically if you have HTTP access turned on, anyone on the Internet can have
full access to it without any restriction, e.g. using a URL like this:
http://x.x.x.x/level/17/exec/show%20conf
N.B. The "17" may have to be changed to another number (16-99) depending on
version of IOS and hardware config.

Brian.

-----
This is the afnog mailing list, managed by Majordomo 1.94.4

To send a message to this list, e-mail afnog at afnog.org
To send a request to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is maintained by owner-afnog at afnog.org

Follow-Ups:
- Re: Cisco IOS vulnerability
  - From: Philip Smith <pfs at cisco.com>

Prev by Date: Re: Prevention of DOS Attacks
Next by Date: Re: Prevention of DOS Attacks
Prev by thread: Re: [freenix] FreeBSD CD
Next by thread: Re: Cisco IOS vulnerability
Index(es):
- Date
- Thread