Multiple Vulnerabilites in Cisco 5420 Storage Router

Reported July 11, 2001, by Cisco Systems.

VERSIONS AFFECTED

  • Cisco SN 5420 Storage Router software 1.1(3) and earlier

 

DESCRIPTION

Two vulnerabilities exist in the Cisco SN 5420 Storage Router software. The first vulnerability lets an attacker cause a Denial of Service (DoS) condition by rapidly establishing connections to TCP port 8023 to reboot the device. The second vulnerability lets an unauthorized user log on to the developer's shell by using rlogin or the management interface. With this low-level access to the device, the attacker can execute debug commands, start and stop processes, and interfere with process execution.

 

VENDOR RESPONSE

Cisco has issued a notice regarding this vulnerability. The company recommends that users obtain a firmware upgrade through the Software Center on Cisco's Web site or through Cisco's distribution channels.

 

CREDIT
Discovered by Cisco Systems.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish