Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Cisco IOS Vulnerability

  • From: Vandy Hamidi
  • Date: Mon Jul 02 19:34:06 2001

Does this vulnerability affect CatOS as well?  I was under the impression it
was just IOS devices.

	-=Vandy=-

-----Original Message-----
From: up@3.am [mailto:up@3.am]
Sent: Friday, June 29, 2001 6:03 PM
To: Larry Diffey
Cc: nanog@merit.edu
Subject: Re: Cisco IOS Vulnerability



On Fri, 29 Jun 2001, Larry Diffey wrote:

> CERT and Cisco have issued a warning about a vulnerability in the
> Cisco IOS starting at version 11.3 and affecting all later versions.
> 
> If your Cisco equipment is HTTP enabled and you're not using TACACS+
> or RADIUS for authentication it is vulnerable to complete takeover.  
> The hack is very simple.

Yeah, well who enables httpd on their Ciscos, anyway?  Wait a sec, the
Catalysts have this enabled by default...

James Smallacombe		      PlantageNet, Inc. CEO and Janitor
up@3.am							    http://3.am
=========================================================================




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.