Bugtraq mailing list archives
Re: Cisco 2509/2511
From: dbrown () CSS GOV (Dan Brown)
Date: Mon, 24 Mar 1997 15:54:09 -0500
This is an old one, but I keep seeing comfigurations (also posted to UseNet) where people forget to do a: transport input none on their 'line 1 16' (or whatever) config. If you use the default values ('telnet' I think) and you have no filters (stupid idea too) on your Cisco then someone is able to use ports 2001 and up to connect to one of the devices attached to it. If this is a modem that same person can type any AT command he/she wants. Go figure..
You can also password protect each interface or a range of interfaces using either a single password, or tacacs, or radius, or... -- Dan Brown dbrown () seismo css gov
Current thread:
- ANNOUNCE : NTCrack v1.0, (continued)
- ANNOUNCE : NTCrack v1.0 Jonathan Wilkins (Mar 27)
- There are more loopholes in LPD Patrick Powell (Mar 28)
- symlink bug in tin/rtin NetRunner (Mar 29)
- Re: symlink bug in tin/rtin Nelson Murilo (Mar 29)
- ANNOUNCE : NTCrack v2.0 Jonathan Wilkins (Mar 29)
- more sendmail poop *Hobbit* (Mar 25)
- Reported Sendmail 8.8.4 Exploit gshapiro () SENDMAIL ORG (Mar 25)
- minor vulnerability in ELM Dmitry E. Kim (Mar 26)
- FreeBSD-SA-97:02: Buffer overflow in lpd Aleph One (Mar 26)
- Cisco 2509/2511 Albert Siersema (Mar 24)
- Re: Cisco 2509/2511 Dan Brown (Mar 24)
- Re: Cisco 2509/2511 Erdinc KAYA (Mar 24)
- Re: your mail Illuminati Primus (Mar 24)
- ObNag: running sendmail as root Tom Guptill (Mar 24)