Vulnerability Development mailing list archives
Cisco 2621
From: Ollie Whitehouse <ollie () DELPHISPLC COM>
Date: Thu, 7 Sep 2000 14:22:55 +0100
All, During a recent attack & penetration test the following was discovered, thought it might be interesting. Router : 2621 Software : Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) The router's AUX line had been configured as follows: line aux 0 no exec password 7 ********** login transport input all The NMAP scan of that network showed the following: Port State Service 23/tcp open telnet 2065/tcp open dlsrpn Doing a who on the router showed the following also (this is while a connection is open on port 2065): 2621router>who Line User Host(s) Idle Location 65 aux 0 incoming 00:00:32 192.168.0.1 * 66 vty 0 idle 00:00:00 192.168.11.87 No exploitable, but just keep it in mind when you see port 2065 listening ;o). Rgds Ollie ----- Ollie Whitehouse Security Team Leader Delphis Consulting tel: +44 (0)20 79160200 mai: ollie () delphisplc com This e-mail and any files transmitted with it are intended solely for the addressee and are confidential. They may also be legally privileged.Copyright in them is reserved by Delphis Consulting PLC ["Delphis"] and they must not be disclosed to, or used by, anyone other than the addressee.If you have received this e-mail and any accompanying files in error, you may not copy, publish or use them in any way and you should delete them from your system and notify us immediately.E-mails are not secure. Delphis does not accept responsibility for changes to e-mails that occur after they have been sent. Any opinions expressed in this e-mail may be personal to the author and may not necessarily reflect the opinions of Delphis
Current thread:
- Cisco 2621 Ollie Whitehouse (Sep 07)
- <Possible follow-ups>
- Re: Cisco 2621 Lincoln Yeoh (Sep 08)
- Re: Cisco 2621 Erick B. (Sep 12)