North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Cisco IOS Vulnerability
On Fri, 29 Jun 2001, Larry Diffey wrote: > CERT and Cisco have issued a warning about a vulnerability in the > Cisco IOS starting at version 11.3 and affecting all later versions. > > If your Cisco equipment is HTTP enabled and you're not using TACACS+ > or RADIUS for authentication it is vulnerable to complete takeover. > The hack is very simple. Yeah, well who enables httpd on their Ciscos, anyway? Wait a sec, the Catalysts have this enabled by default... James Smallacombe PlantageNet, Inc. CEO and Janitor [email protected] http://3.am =========================================================================
|