nanog mailing list archives
Re: Cisco IOS Vulnerability
From: <up () 3 am>
Date: Fri, 29 Jun 2001 21:02:42 -0400 (EDT)
On Fri, 29 Jun 2001, Larry Diffey wrote:
CERT and Cisco have issued a warning about a vulnerability in the Cisco IOS starting at version 11.3 and affecting all later versions. If your Cisco equipment is HTTP enabled and you're not using TACACS+ or RADIUS for authentication it is vulnerable to complete takeover. The hack is very simple.
Yeah, well who enables httpd on their Ciscos, anyway? Wait a sec, the Catalysts have this enabled by default... James Smallacombe PlantageNet, Inc. CEO and Janitor up () 3 am http://3.am =========================================================================
Current thread:
- Cisco IOS Vulnerability Larry Diffey (Jun 29)
- Re: Cisco IOS Vulnerability up (Jun 29)
- Re: Cisco IOS Vulnerability Roland Dobbins (Jun 29)