Cisco IOS HTTP exec path command execution

Added: 12/23/2010
CVE: CVE-2000-0945
BID: 1846
OSVDB: 444

Background

The Cisco Internetwork Operating System (IOS) is the operating system used by Cisco routers.

Problem

A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with /exec.

Resolution

Set an enable password on the Cisco device.

References

http://archives.neohapsis.com/archives/bugtraq/2000-10/0380.html
http://archives.neohapsis.com/archives/bugtraq/2000-11/0194.html

Limitations

Exploit works on Cisco Catalyst 3500 XL devices with the enable password unset.

Platforms

Cisco

Back to exploit index