From: Kristian Erik Hermansen (kristian.hermansengmail.com)
Date: Thu Jan 24 2008 - 11:48:55 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 24 Jan 2008 03:41:38 -0000, <tbbunnctc.net> wrote:
> I am now going to go over the simplicity of the exploit and I will be releasing a white paper hopefully sooner than later on the specifics of the underlying cause. Once a user has logged on to the user-exec (level0) of the device they will then be able to proceed with the <enable> command which should give you a login prompt. At this prompt if you move your cursor forward with a space or character(it doesn't matter if there are more then one), and then proceed to delete any spaces or characters, by holding down the backspace a second after deleting the last character it should immediately drop you into level 15 privilege-exec mode. This attack was originally performed on a PIX 515E running version 7.2 of Finesse. I will be posting all updates regarding this exploit as they come, and I apologize for it taking so long to release this information.

That's a ridiculous exploit. Have you notified Cisco PSIRT?
--
Kristian Erik Hermansen
"Know something about everything and everything about something."

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]