SecurityFocus BUGTRAQ Mailing List: BugTraqLink Number One Link Number One Link Number Two Link Number Two Link Number One Link Number One Link Number Two Link Number Two Entire Site Advisories Calendar Columnists Elsewhere Guest Feature Infocus Library Links Mailing Lists (all) -- BUGTRAQ -- FOCUS-IDS -- FOCUS-IH -- FOCUS-LINUX -- FOCUS-MS -- FOCUS-SUN -- FOCUS-VIRUS -- FORENSICS -- INCIDENTS -- PEN-TEST -- SEC JOBS -- SF NEWS -- VULN-DEV News Products Services Tools Vulns BUGTRAQ ARCHIVE [ Message Index ] [ Thread Index ][ Reply ] [ prev Msg by Date ][ next Msg by Date ] To: BugTraq Subject: Cisco 6509 switch telnet vulnerability Date: Oct 3 2003 12:03AM Author: Chris Norton Message-ID: <20031003000326.4614.qmail@sf-www2-symnsj.securityfocus.com> A vulnerability has been found on Cisco 6509 switches. The vulnerability was found to work on 2 different Cisco 6509 switches running CATOS 5.4(2) and 5.5(2). The vulnerability can lead to information and commands being exectued on the remote switch from the login prompt. Commands can be exectued at the Enter password: prompt as long as they are followed by a space and a ? Proof of concept below: Cisco Systems Console Enter password: Size of the packet (0..1420) Enter password: traceroute 127.0.0.1 This vulnerability has yet to be confirmed by Cisco but they have been alerted about it. Want to link to this message? Use this URL: Disclaimer, Terms & Conditions About this List Featured Lists: ARIS Users bugtraq bugtraq-es bugtraq-french NEW bugtraq-jp firewalls focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics forensics-es honeypots incidents libnet pen-test secevents secpapers secprog sectools secureshell security-basics security-management NEW securityjobs vpn vuln-dev webappsec Newsletters: sf-news ms-secnews linux-secnews [ more . . . ] Privacy Statement Copyright © 1999-2003 SecurityFocus