Re: Cisco UBR920 cable router - SNMP to change telnet passwords?

[Jorge Lozano <lozano_jorge () yahoo com>]

Glenn,

You can try the SolarWinds tools suite (use the
Engineer's Version), it's not free but you have 30
days trial, and who knows, if you like it and it's
useful, maybe it's worth the money. The web page is:
www.solarwindws.net

There are some tools included that are for Cisco
boxes, and one can transfer the complete configuration
of a box if you know the read/write community. 

After you get the configuration, there's another tool
included that will decrypt the hash of the access
password.

I hope this serve your purpose.

--- "Wolf, Glenn" <glenn.wolf () we-inc com> wrote:
> Hi,
>    As per the following vulnerability:
> http://online.securityfocus.com/bid/3758
>
>   ... does anyone know how to exploit SNMP
> read-write access to change or
> retrieve the usernames/passwords protecting the
> telnet access?  I have SNMP
> read-write access on the Cisco UBR920 cable router,
> so I could DoS it, but
> I'm looking for further access.
>
> Thanks in advance,
> Glenn
----------------------------------------------------------------------------
> This list is provided by the SecurityFocus Security
> Intelligence Alert (SIA)
> Service. For more information on SecurityFocus' SIA
> service which
> automatically alerts you to the latest security
> vulnerabilities please see:
> https://alerts.securityfocus.com/


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/