Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Cisco :: cisc6509.txt

Cisco 6509 Vulnerability

A vulnerability has been found on Cisco 6509 switches. The vulnerability was found to work on 2 different Cisco 6509 switches running CATOS 5.4(2) and 5.5(2). The vulnerability can lead to information and commands being exectued on the remote switch from the login prompt. Commands can be exectued at the Enter password: prompt as long as they are followed by a space and a ?
Proof of concept below:
Cisco Systems Console

Enter password:
<data_size> Size of the packet (0..1420)
Enter password: traceroute

This vulnerability has yet to be confirmed by Cisco but they have been alerted about it.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2016 AOH