Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Cisco :: cisco28.htm

Cisco Catalyst bug permits unauthorized access

    Cisco Catalyst


    All users of Cisco Catalyst  4000, 5000, 5500, 6000 and  6500 with
    the software version 5.4(1) only


    Following is  based on  Cisco Security  Advisory.   Cisco Catalyst
    software permits  unauthorized access  to the  enable mode  in the
    5.4(1) release.   Once initial  access is  granted, access  can be
    obtained for the  higher level "enable"  mode without a  password.
    This  problem  is  resolved  in  version  5.4(2).   Customers with
    vulnerable  releases  are  urged  to  upgrade as soon as possible.
    This vulnerability has been assigned Cisco bug ID CSCdr10025.

    The affected image names are as follows:


    No other releases of Cisco Catalyst software are affected by  this
    vulnerability.   No  other  Cisco  products  are  affected by this

    Anyone  who  can  obtain  ordinary  console  access to an affected
    switch can bypass password authentication to obtain "enable"  mode
    access  without  knowledge   of  the  "enable"   password.    This
    vulnerability can  be exploited  through the  network using telnet
    or via the physical console.

    This problem  was introduced  in software  version 5.4(1),  and is
    corrected in version 5.4(2).  Due to this defect, software version
    5.4(1) is  deferred.   Customers are  urged to  upgrade to version

    This   vulnerability   permits   unauthorized   access   to    the
    configuration  mode  and  unauthorized  configuration changes on a
    Catalyst switch.


    Cisco  is  offering   free  software  upgrades   to  remedy   this
    vulnerability  for   all  affected   customers.   Customers   with
    contracts should  obtain upgraded  software through  their regular
    update channels.   For most  customers, this  means that  upgrades
    should be obtained  via the Software  Center on Cisco's  Worldwide
    Web site at

    There are no known  workarounds for this vulnerability.   Strictly
    limiting  telnet  access  to  the  device will prevent the initial
    connection required to exploit this vulnerability.  Telnet  access
    can be controlled with the following command set:

        set ip permit <address> <mask> telnet
        set ip permit enable

    This command set will deny all traffic not specified in the permit

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH