| VID |
29055 |
| Severity |
40 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco 6400 NRP2 has a unauthorized Telnet access vulnerability(CISCO Bug ID CSCdt65960).
The Cisco Node Route Processor 2 card is a module designed to enhance the services of the Cisco 6400 series broadband aggregators. A problem in the Node Route Processor 2 (NRP2) makes it possible for remote attackers to gain unauthorized access to vtys. The default configuration of the NRP2 allows Telnet access to the vtys of the module when no password has been set. By default configuration, the NRP2 should allow no access until a password has been set.
This makes it possible for a remote attacker to gain access to systems behind the NRP2 module.
* Note: This check solely relied on the version number of the remote system to assess this vulnerability, so this might be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/6400-nrp2-telnet-vuln-pub.shtml
http://www.kb.cert.org/vulns/id/516659
http://www.ciac.org/ciac/bulletins/l-097.shtml
* Platforms Affected:
Cisco 6400 NRP2 modules running Cisco IOS release earlier than 12.1(05)DC01 |
| Recommendation |
Upgrade to the fixed versions, Cisco IOS release 12.1(05)DC01 or later. Upgrades should be obtained through the Software Center on Cisco's Worldwide Web site at http://www.cisco.com .
As a workaround, apply password to all the 32 vtys on the NRP2.
Enable Prompt> vty 0 31 password "the-password"
For details, see http://www.cisco.com/warp/public/707/6400-nrp2-telnet-vuln-pub.shtml . |
| Related URL |
CVE-2001-0757 (CVE) |
| Related URL |
2874 (SecurityFocus) |
| Related URL |
6691 (ISS) |
|
