[179427] in North American Network Operators' Group
Re: Cisco Routers Vulnerability
daemon@ATHENA.MIT.EDU (Rashed Alwarrag)
Mon Apr 13 17:54:11 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <552C38D9.3030506@foobar.org>
Date: Tue, 14 Apr 2015 00:48:39 +0300
From: Rashed Alwarrag <rali.ahmed@gmail.com>
To: Nick Hilliard <nick@foobar.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
It's reported by different customers in different locations so I don't
think it's password compromised
Regards
On Tuesday, April 14, 2015, Nick Hilliard <nick@foobar.org> wrote:
> On 13/04/2015 23:29, Rashed Alwarrag wrote:
> > Today we have a lot of customers report that their Cisco routers got a
> root
> > access and the IOS got erased , is there any known vulnerability in cisco
> > products thats they report in their Security alerts about this recently
> ?
> > is there any one face the same issue ?
>
> "show tech-support" might give you a list of the last commands issued on
> the devices. It's more likely to be a password compromise than a remote
> vuln.
>
> Nick
>
>
--
*Rashed Alwarrag *
