|
|
 |
| New User, Welcome! Login |
Re: PIX Privilege Escalation Vulnerability
| From: |
Aaron Collins <collinsa ehawaii gov> |
| To: |
tbbunn ctc net |
| Cc: |
bugtraq securityfocus com |
| Subject: |
Re: PIX Privilege Escalation Vulnerability |
| Date: |
Mon - Feb 25, 2008 11:08 AM |
I tried this on my 515E with 'Cisco PIX Security Appliance Software
Version 7.1(1)' I also uses radius for auth, and I couldn't reproduce
this exploit. This may just be a 7.1 issue.
tbbunn@ctc.net wrote:
> I actually was able to reproduce this attack multiple times, and did verify that there was an enable secret password configured(as well as multiple User/Passwords on the TTY line, not that they should matter) . I will not be in my lab until Tuesday of next week, but I will reproduce this again and copy the exact configuration. I can not really argue any points until then. I really appreciate you'll looking into the matter. Again this was reproduced on a PIX 515E running v7.2 of Finesse.
>
> Terry Bunn,CCNA
> tbbunn@ctc.net
>
>
--
-Aaron Collins
Systems Engineer/ Release Engineer
Hawaii Information Consortium
220 S. King St. Suite 2190
Honolulu, Hawaii 96813
Cell: 808.203.8756
Office: 808.587.4213
************************************************************
CONFIDENTIALITY NOTICE:
This email and any attachments are confidential. If you
are not the intended recipient, you do not have permission
to disclose, copy, distribute, or open any attachments. If
you have received this email in error, please notify us
immediately by returning it to the sender and delete this
copy from your system.
************************************************************
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
