Cisco SN Storage Router Developer Shell Unauthorized Access Vulnerability

The Cisco Storage Router is a enterprise-level gigabit-capable routing device designed to handle storage over networks. It is distributed by Cisco Systems.

A problem in the firmware used with SN 5420 routers makes it possible to gain unauthorized access and elevated privileges. A remote user may gain a developer shell from either rlogin via the fibrechannel interface of the router, or through port 8023 on the gigabit side of the router. Commands and configuration changes may be executed from the shell, and are not logged by the SN logging facility,.


 

Privacy Statement
Copyright 2010, SecurityFocus