nanog mailing list archives

Re: Cisco IOS Vulnerability

From: Roland Dobbins <rdobbins () netmore net>
Date: Fri, 29 Jun 2001 21:08:33 -0700


Now, if we could just stop people from posting to email lists
using HTML and/or RTF-formatted mail . . .

Larry Diffey wrote:


CERT and Cisco have issued a warning about a vulnerability in the
Cisco IOS starting at version 11.3 and affecting all later versions.

If your Cisco equipment is HTTP enabled and you're not using TACACS+
or RADIUS for authentication it is vulnerable to complete takeover.
The hack is very simple.

Please read the Cisco warning and/or the CERT advisory for further
information.

The warnings were released yesterday.

Happy Hacker Stopping.

Larry Diffey


-- 
------------------------------------------------------------
Roland Dobbins <rdobbins () netmore net> // 408.859.4137 voice

Current thread:

Cisco IOS Vulnerability Larry Diffey (Jun 29)
- Re: Cisco IOS Vulnerability up (Jun 29)
- Re: Cisco IOS Vulnerability Roland Dobbins (Jun 29)