[14804] in bugtraq


Re: Possible issue with Cisco on-line help?

daemon@ATHENA.MIT.EDU (Fernando Montenegro)
Sat May 6 16:00:30 2000

Message-Id:  <20000504120430.17546.qmail@securityfocus.com>
Date:         Thu, 4 May 2000 12:04:30 -0000
Reply-To: Fernando Montenegro <fsmontenegro@INAME.COM>
From: Fernando Montenegro <fsmontenegro@INAME.COM>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <20000502222246.28423.qmail@securityfocus.com>

Hi!

I have received information from Matti Saarinen 
<mjs@cc.tut.fi> explaining how the on-line help can be 
configured to show all the commands available (see below). 

This explains the apparent lack of authorization control 
over the "show" options.

It seems that the only issue left is that there is so much 
information available from the non-enabled account. I would 
think that, on account of that, the recommendation for 
"jailing" the user still applies, though.

Cheers,
Fernando


Extracts from the message received from Matti Saarinen 
<mjs@cc.tut.fi> :

>  Router2>show ?
>    backup         Backup status
>    cef            Cisco Express Forwarding
>    clock          Display the system clock
>    dialer         Dialer parameters and statistics
>    flash:         display information about flash: file system
>    history        Display the session command history
>  ...
>
> Notice that we did not see an "access-lists" option, so the
> help system thinks we should not be able to run it...
        Yes, you cannot normally see access-lists option in
        the output of the help system.
router>sh ?
  alps           Alps information
  atm            ATM information
  backup         Backup status
[cut]

        But when you enable full help the access-lists option is there
        with many others:
router>terminal full-help
router>sh ?
  access-expression  List access expression
  access-lists       List access lists
  adjacency          Adjacent nodes
  aliases            Display alias commands
  alps               Alps information
  arp                ARP table
  async              Information on terminal lines used as router interfaces
  atm                ATM information
  backup             Backup status
        And the privilege level was 1 the whole time:
router>sh priv
Current privilege level is 1
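
Added example, not part of the original message: a small audit helper that compares the two `sh ?` listings quoted above and reports the keywords offered under full help but omitted from the default help. The function names are hypothetical, and both listings are the excerpts from the quoted session, so the result covers only the range they show.

```python
import re

# Help entries look like "  keyword   Description". Prompt lines such as
# "router>sh ?" and markers such as "[cut]" do not match and are skipped.
HELP_LINE = re.compile(r"^\s+(\S+)\s{2,}(\S.*)$")

def parse_help(listing):
    """Return {keyword: description} parsed from the text of a '?' listing."""
    entries = {}
    for line in listing.splitlines():
        m = HELP_LINE.match(line)
        if m:
            entries[m.group(1)] = m.group(2).strip()
    return entries

def hidden_from_default_help(default_listing, full_listing):
    """Keywords listed under full help but omitted from the default help."""
    default = parse_help(default_listing)
    full = parse_help(full_listing)
    return {kw: desc for kw, desc in full.items() if kw not in default}

# Listings copied from the session quoted in the message (both are excerpts).
DEFAULT_HELP = """router>sh ?
  alps           Alps information
  atm            ATM information
  backup         Backup status
[cut]
"""

FULL_HELP = """router>sh ?
  access-expression  List access expression
  access-lists       List access lists
  adjacency          Adjacent nodes
  aliases            Display alias commands
  alps               Alps information
  arp                ARP table
  async              Information on terminal lines used as router interfaces
  atm                ATM information
  backup             Backup status
"""

if __name__ == "__main__":
    hidden = hidden_from_default_help(DEFAULT_HELP, FULL_HELP)
    for kw in sorted(hidden):
        print(f"{kw:20}{hidden[kw]}")
```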
