Penetration Testing: Re: Cisco HTTP IOS Vuln Clarification

Re: Cisco HTTP IOS Vuln Clarification

From: Pawel Krawczyk <kravietz_at_aba.krakow.pl>
Date: Tue, 13 Nov 2001 08:07:58 +0100

On Mon, Nov 12, 2001 at 11:48:46AM -0800, Josha Bronson wrote:

> Can anyone clarify whether or not a server may be vulnerable only to a
> subset of the numbers in the range? Meaning that "/level/17/exec/" may
> work to access the system but "/level/99/exec/" may not. Or is it the
> nature of this vulnerability that if a system is accessible via one URL
> then it would be accessible via all?
> On the systems I've tested they all work.

We got exactly the same; however, the tested network was quite homogeneous
when it comes to IOS revisions. All the switches had HTTP enabled,
and all were vulnerable.

-- 
Paweł Krawczyk *** home: <http://ceti.pl/~kravietz/>
security: <http://ipsec.pl/>  *** fidonet: 2:486/23
Received on Nov 13 2001