BugTraq
Cisco 6509 switch telnet vulnerability Oct 03 2003 12:03AM
Chris Norton (kicktd hotmail com) (2 replies)


A vulnerability has been found on Cisco 6509 switches. The vulnerability was found to work on 2 different Cisco 6509 switches running CATOS 5.4(2) and 5.5(2). The vulnerability can lead to information and commands being executed on the remote switch from the login prompt. Commands can be executed at the Enter password: prompt as long as they are followed by a space and a ?

Proof of concept below:

Cisco Systems Console

Enter password:

<data_size> Size of the packet (0..1420)

<cr>

Enter password: traceroute 127.0.0.1

This vulnerability has yet to be confirmed by Cisco but they have been alerted about it.

Re: Cisco 6509 switch telnet vulnerability Oct 04 2003 05:55AM
Bob Niederman (btrq bob-n com) (1 replies)
Re: Cisco 6509 switch telnet vulnerability Oct 05 2003 02:25AM
twig les (twigles yahoo com)
Re: Cisco 6509 switch telnet vulnerability Oct 04 2003 01:11AM
Wendy Garvin (wgarvin cisco com)


 
