[c-nsp] OT: Telnet lock-out vulnerability

Jay Hennigan jay at west.net
Mon Sep 20 00:40:14 EDT 2004


On Mon, 20 Sep 2004, Amol Sapkal wrote:

> Hi Guys,
>
> Slightly OT.
> Few days back one of my 7513's was not prompting me for a username/password.
> Though I could see the IP of the router on the telnet window top
> (indicating that tcp connection on port 23 is through) I was not being
> prompted for the username.
>
> Has this anything to do with the Cisco telnet vulnerability?
> http://www.ciac.org/ciac/bulletins/o-207.shtml
>
> I don't think it had anything to do with my TACACS. I had to finally
> issue a reload.

Possibly.  You can clear the hung session without a reload, however.

From the console,
do a "show tcp brief" to find the wedged session to local port 23.
Then "clear tcp tcb [hex address]".

This should restore your ability to telnet to the router.

You might consider limiting telnet via access-class on the vty lines.

--
Jay Hennigan - CCIE #7880 - Network Administration - jay at west.net
WestNet:  Connecting you to the planet.  805 884-6323      WB6RDV
NetLojix Communications, Inc.  -  http://www.netlojix.com/
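A small triage helper for the two-step procedure above, added here as an example and not part of the original message: it parses a constructed "show tcp brief" listing (column layout assumed to match the IOS output: TCB handle, local address.port, foreign address.port, state) and lists the handles bound to local port 23 so the operator can decide which session to clear.

```python
import re
from typing import Dict, List

# Constructed sample of "show tcp brief" output; addresses and TCB
# handles are made up, the column layout is assumed to match IOS.
SAMPLE_SHOW_TCP_BRIEF = """\
TCB       Local Address               Foreign Address             (state)
6523A4FC  192.0.2.1.23                198.51.100.7.1034           ESTAB
65240B10  192.0.2.1.179               192.0.2.2.11002             ESTAB
6524C8E4  192.0.2.1.23                198.51.100.9.52311          ESTAB
"""

# One session line: hex TCB, then "a.b.c.d.port" twice, then the state.
LINE_RE = re.compile(
    r"^(?P<tcb>[0-9A-Fa-f]+)\s+"
    r"(?P<laddr>\d+\.\d+\.\d+\.\d+)\.(?P<lport>\d+)\s+"
    r"(?P<faddr>\d+\.\d+\.\d+\.\d+)\.(?P<fport>\d+)\s+"
    r"(?P<state>\S+)"
)


def parse_tcp_brief(text: str) -> List[Dict]:
    """Return one dict per session line; the header and blanks are skipped."""
    sessions = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        s = m.groupdict()
        s["lport"] = int(s["lport"])
        s["fport"] = int(s["fport"])
        sessions.append(s)
    return sessions


def telnet_sessions(text: str) -> List[Dict]:
    """Sessions terminating on the router's own telnet port (local port 23)."""
    return [s for s in parse_tcp_brief(text) if s["lport"] == 23]


def clear_commands(text: str) -> List[str]:
    """The 'clear tcp tcb <hex>' line for each telnet session, for review."""
    return [f"clear tcp tcb {s['tcb']}" for s in telnet_sessions(text)]


if __name__ == "__main__":
    for s in telnet_sessions(SAMPLE_SHOW_TCP_BRIEF):
        print(f"{s['tcb']}  {s['faddr']}:{s['fport']}  {s['state']}")
    print("\n".join(clear_commands(SAMPLE_SHOW_TCP_BRIEF)))
```

Paste the router's real listing in place of the sample; the helper only reports candidates, and the operator still picks the session that is actually wedged before clearing it.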

