[cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability
Pete Brown
jpb at chykn.com
Mon Nov 20 11:50:41 EST 2017
I wonder if there are any existing penetration testing utilities to check for these conditions on UCOS hosts?
If not, challenge accepted.
________________________________
From: cisco-voip <cisco-voip-bounces at puck.nether.net> on behalf of Brian Meade <bmeade90 at vt.edu>
Sent: Monday, November 20, 2017 10:25 AM
To: Anthony Holloway
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability
Anyone got some ideas on trying to crack this UCOS password? Should help us out in scanning our customers to see if they are affected, but we wouldn't want this password to end up indexed by google and make the issue even worse.
On Fri, Nov 17, 2017 at 4:46 PM, Anthony Holloway <avholloway+cisco-voip at gmail.com<mailto:avholloway+cisco-voip at gmail.com>> wrote:
Bwahaha! I just logged in to your CUCM Tim.
On a serious note, I think it’s interesting how this “flag” issue is such a big deal, when back in the old days of UCCX, Cisco was creating an intentional back-door in all installs, using the same username and password on all of them.
For the curious, it was :
Username: CRSAdministrator
Password: NwY.t9g(f'L9[3C
If you have access to a UCCX 7x or lower, try logging in to Windows with that account and report back if it worked.
If it does work, check the MADM logs on the C: for the clear text AXL username and password, so you can compromise CUCM too!
On Fri, Nov 17, 2017 at 1:46 PM Tim Frazee <tfrazee at gmail.com<mailto:tfrazee at gmail.com>> wrote:
heads up
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.cisco.com%2Fsecurity%2Fcenter%2Fcontent%2FCiscoSecurityAdvisory%2Fcisco-sa-20171115-vos&data=02%7C01%7Cjpb%40chykn.com%7Cc6d62618f1394047c79708d530335cb9%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636467919512806356&sdata=IdvnVpdKRKohCUKQSKKh4bKfelSJUiZAdjH11YhCLns%3D&reserved=0>
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpuck.nether.net%2Fmailman%2Flistinfo%2Fcisco-voip&data=02%7C01%7Cjpb%40chykn.com%7Cc6d62618f1394047c79708d530335cb9%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636467919512806356&sdata=vOKtR8Wsv5fwFmwmyehk7Nn8m7NSLCh4DhqdDBz5Bos%3D&reserved=0>
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpuck.nether.net%2Fmailman%2Flistinfo%2Fcisco-voip&data=02%7C01%7Cjpb%40chykn.com%7Cc6d62618f1394047c79708d530335cb9%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C636467919512806356&sdata=vOKtR8Wsv5fwFmwmyehk7Nn8m7NSLCh4DhqdDBz5Bos%3D&reserved=0>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20171120/9fba2752/attachment.html>
More information about the cisco-voip
mailing list