nanog mailing list archives

Re: Cisco Routers Vulnerability

From: Rashed Alwarrag <rali.ahmed () gmail com>
Date: Tue, 14 Apr 2015 00:48:39 +0300

It's reported by different customers in different locations so I don't
think it's password compromised

Regards

On Tuesday, April 14, 2015, Nick Hilliard <nick () foobar org> wrote:

On 13/04/2015 23:29, Rashed Alwarrag wrote:

Today we have a lot of customers report that their Cisco routers got a

root

access and the IOS got erased , is there any known vulnerability in cisco
products thats they report in their Security alerts about this recently

 is there any one face the same issue ?


"show tech-support" might give you a list of the last commands issued on
the devices.  It's more likely to be a password compromise than a remote
vuln.

Nick


-- 

*Rashed Alwarrag *

Current thread:

Cisco Routers Vulnerability Rashed Alwarrag (Apr 13)
- Re: Cisco Routers Vulnerability Christopher Morrow (Apr 13)
- Re: Cisco Routers Vulnerability John Schiel (Apr 13)
  - Re: Cisco Routers Vulnerability Rashed Alwarrag (Apr 13)
    - Re: Cisco Routers Vulnerability John Schiel (Apr 13)
- Re: Cisco Routers Vulnerability Nick Hilliard (Apr 13)
  - Re: Cisco Routers Vulnerability Rashed Alwarrag (Apr 13)
    - Re: Cisco Routers Vulnerability Nick Hilliard (Apr 13)
    - Re: Cisco Routers Vulnerability Rashed Alwarrag (Apr 13)
    - Re: Cisco Routers Vulnerability George Herbert (Apr 13)
    - RE: Cisco Routers Vulnerability Keith Medcalf (Apr 13)
    - Re: Cisco Routers Vulnerability Doug McIntyre (Apr 19)
- Re: Cisco Routers Vulnerability Daniel Suchy (Apr 13)
- Re: Cisco Routers Vulnerability Matthew Galgoci (Apr 13)
- RE: Cisco Routers Vulnerability Steve Mikulasik (Apr 13)
  - Re: Cisco Routers Vulnerability Alain Hebert (Apr 14)