Cisco IOS HTTP exec path command execution

2010-12-23T00:00:00
ID SAINT:45CE2B5EA99A133D05025A81932748C5
Type saint
Reporter SAINT Corporation
Modified 2010-12-23T00:00:00

Description

Added: 12/23/2010
CVE: CVE-2000-0945
BID: 1846
OSVDB: 444

Background

The Cisco Internetwork Operating System (IOS) is the operating system used by Cisco routers.

Problem

A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with **/exec**.

Resolution

Set an enable password on the Cisco device.

References

<http://archives.neohapsis.com/archives/bugtraq/2000-10/0380.html>
<http://archives.neohapsis.com/archives/bugtraq/2000-11/0194.html>

Limitations

Exploit works on Cisco Catalyst 3500 XL devices with the enable password unset.

Platforms

Cisco