North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: Cisco IOS Vulnerability
- From: Vandy Hamidi
- Date: Mon Jul 02 19:34:06 2001
Does this vulnerability affect CatOS as well? I was under the impression it
was just IOS devices.
From: firstname.lastname@example.org [mailto:email@example.com]
Sent: Friday, June 29, 2001 6:03 PM
To: Larry Diffey
Subject: Re: Cisco IOS Vulnerability
On Fri, 29 Jun 2001, Larry Diffey wrote:
> CERT and Cisco have issued a warning about a vulnerability in the
> Cisco IOS starting at version 11.3 and affecting all later versions.
> If your Cisco equipment is HTTP enabled and you're not using TACACS+
> or RADIUS for authentication it is vulnerable to complete takeover.
> The hack is very simple.
Yeah, well who enables httpd on their Ciscos, anyway? Wait a sec, the
Catalysts have this enabled by default...
James Smallacombe PlantageNet, Inc. CEO and Janitor