[nsp] telnet exploit on 3550 ?
Jim Devane
jim at powerpulse.cc
Wed Dec 3 18:23:45 EST 2003
D-
I doubt it.
They would have had to beat TACACS and we restrict TACACS responses from IP.
As reboot did clear it but I cam concerned about the future.
Thanks,
Jim
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Dmitri Kalintsev
Sent: Wednesday, December 03, 2003 2:25 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [nsp] telnet exploit on 3550 ?
Jim,
Somebody just guessed your password and got in. Also by the look of things
they have done what you should have done in the first place - created a vty
ACL to keep you out of it. Simple reboot won't help you much, I'm afraid.
You'll have to go through the password recovery procedure, via console
cable.
SY,
-- D.K.
On Mon, Dec 01, 2003 at 12:51:03PM -0800, Jim Devane wrote:
> All,
...
> However, is there a knows exploit against telnet that is known? Below are
> the RSH attempts and the TACACS log of what happened and the "sh use" I
> cannot clear this line in my switch
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list