mailing list archives
Re: several vulnerabilities present in Belkin wireless routers
From: Roman Daszczyszak <romandas () gmail com>
Date: Fri, 22 Jul 2005 14:15:08 +0200
I can't comment on the Belkin stuff. As for Cisco IIRC, telnet is
enabled by default, however it doesn't allow anyone to log in unless a
telnet password is set on the vty lines and the login command is
configured as well, and those are not set by default.
So, you can certainly use a telnet exploit against them because the
port is open, but you're not going in via the non-existant password.
---------- Original message ----------
From: steven.salaets () windriver com
To: bugtraq () securityfocus com
Date: 20 Jul 2005 08:58:29 -0000
Subject: Re: Re: several vulnerabilities present in Belkin wireless routers
What I wonder is: How much of a security threat is this? Are we not
talking about default settings here? How secure is a linksys or cisco
AP out of the box? As far as I recall Cisco also enables telnet by
default and if you Google for a default administrative password for
any network device it won't take you 5 minutes to find it.