[c-nsp] OT: Telnet lock-out vulnerability
Jay Hennigan
jay at west.net
Mon Sep 20 00:40:14 EDT 2004
On Mon, 20 Sep 2004, Amol Sapkal wrote:
> Hi Guys,
>
> Slightly OT.
> A few days back one of my 7513s was not prompting me for a username/password.
> Though I could see the IP of the router on the telnet window top
> (indicating that tcp connection on port 23 is through) I was not being
> prompted for the username.
>
> Has this anything to do with the Cisco telnet vulnerability?
> http://www.ciac.org/ciac/bulletins/o-207.shtml
>
> I don't think it had anything to do with my TACACS. I had to finally
> issue a reload.
Possibly. You can clear the hung session without a reload, however.
From the console, do a "show tcp brief" to find the wedged session to local port 23.
Then "clear tcp tcb [hex address]"
This should restore your ability to telnet to the router.
You might consider limiting telnet via access-class on the vty lines.
--
Jay Hennigan - CCIE #7880 - Network Administration - jay at west.net
WestNet: Connecting you to the planet. 805 884-6323 WB6RDV
NetLojix Communications, Inc. - http://www.netlojix.com/
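
An added example, not part of the original post: a small Python helper that reads pasted "show tcp brief" output, picks out the sessions to local port 23, and builds the matching "clear tcp tcb" lines for an operator to review. The column layout (TCB, local address.port, foreign address.port, state) is assumed, the sample rows are constructed, and the function names and the `keep_peers` parameter are hypothetical.

```python
import re

# Constructed sample of "show tcp brief" output (not captured from a real device).
SAMPLE = """\
TCB       Local Address           Foreign Address        (state)
62A6B4A8  192.0.2.1.23            198.51.100.7.11002     ESTAB
62A6C010  192.0.2.1.23            203.0.113.9.4312       CLOSEWAIT
62A6D2F4  192.0.2.1.179           192.0.2.2.11004        ESTAB
"""

# Assumed row layout: hex TCB address, local addr.port, foreign addr.port, state.
# Rows with wildcard endpoints (for example "*.*") do not match and are skipped.
ROW = re.compile(r"^([0-9A-Fa-f]+)\s+(\S+)\.(\d+)\s+(\S+)\.(\d+)\s+(\S+)\s*$")


def telnet_sessions(output, port=23):
    """Return one dict per TCB whose local port equals `port`."""
    sessions = []
    for line in output.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, blank line, prompt, or wildcard listener
        tcb, local, lport, peer, pport, state = m.groups()
        if int(lport) == port:
            sessions.append({"tcb": tcb, "local": local, "peer": peer,
                             "peer_port": int(pport), "state": state})
    return sessions


def clear_commands(output, keep_peers=()):
    """Build "clear tcp tcb" lines for telnet sessions.

    `keep_peers` (hypothetical parameter) lists peer addresses whose
    sessions are known to be healthy and must not be cleared.
    """
    return [f"clear tcp tcb {s['tcb']}"
            for s in telnet_sessions(output)
            if s["peer"] not in keep_peers]


if __name__ == "__main__":
    for s in telnet_sessions(SAMPLE):
        print(f"{s['tcb']}  {s['peer']}:{s['peer_port']}  {s['state']}")
    for cmd in clear_commands(SAMPLE, keep_peers={"198.51.100.7"}):
        print(cmd)
```

The output is a list of candidate commands only; which session is actually wedged still has to be judged from the console before anything is cleared.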