Document ID: 59747
Last Updated 2000 November 13
This document is provided to simplify access to Cisco responses to possible product security vulnerability issues posted in public forums for Cisco customers. This does not imply that Cisco perceives each of these issues as an actual product security vulnerability. This notice is provided on an "as is" basis and does not imply any kind of guarantee or warranty. Your use of the information on the page or materials linked from this page are at your own risk. Cisco reserves the right to change or update this page without notice at any time.
To: BugTraq Subject: Re: 3500XL Date: Nov 13 2000 7:35PM Author: Damir Rajnovic <gaus cisco com> Message-ID: <email@example.com> -----BEGIN PGP SIGNED MESSAGE----- Hello there, This is the official reply to the def-2000-02, Defcom Labs Advisory, posted on 2000-October-26 by Olle Sergerdahl (see http://www.securityfocus.com/bid/1846) This is the brief description from the def-2000-02 advisory: "The Catalyst 3500 XL series switches web configuration interface lets any user execute any command on the system without logging in. This issue was extremely easy to find, as Cisco provides a link to it from the first page of the web configuration service. This is one of the reasons I have decided to go public with the issue so soon." We investigated this issue and found that this holds only if user did not configured an enable password. The only instance when this is true is when switch administrator has configured an access password (on vty lines) but without an enable password. This situation may be confusing since admins will be prompted for a password when trying to telnet to the switch but will not be asked for it when using the Web to access the switch. All switches from 2900XL and 3500XL families share this behavior. We suspect that this scenario was present when Olle made his discovery, but have not yet received his configuration to confirm. Cheers, Gaus -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.0.2i iQCVAwUBOhBQZMAFeq0PniW5AQHUDAQAoU7Th2I1DhmZXXq952HT1i9VWFURHGJV 8Zq4e19agp+0Br1pHgilo5zj1fk0LikEuTqCTpNrYCD8Ng8oI/eNGYfsV4oOYNh5 LY/YyuVWt0bnEGkSlRryazWfMpHs5Vbg5nLbyXEr3XgYzycTIs+s/Itm1AOs7BE9 wbu38N30lwA= =HRnz -----END PGP SIGNATURE----- ============== Damir Rajnovic <psirt cisco com>, PSIRT Incident Manager, Cisco Systems <http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html> Phone: +44 7715 546 033 4 The Square, Stockley Park, Uxbridge, MIDDLESEX UB11 1BN, GB ============== There is no insolvable problems. Question remains: can you accept the solution?
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
|Updated: Oct 08, 2004||Document ID: 59747|