SecurityTracker.com
Category:   Device (Router/Bridge/Hub)  >   Content Services Switch (Cisco Arrowpoint)
Vendors:   Cisco
(CIAC Issues Bulletin) Re: Cisco's Content Services Switch (Arrowpoint) Allows Administrators to Escalate Privileges and Make Unauthorized Configuration Changes
SecurityTracker Alert ID:  1001252
SecurityTracker URL:  http://securitytracker.com/id/1001252
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Apr 6 2001
Impact:   Root access via local system, Root access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 4.01B19s; CSS 11050, CSS 11150, and CSS 11800 hardware platforms
Description:   Cisco released an advisory for their Cisco Content Services Switch (also known as Arrowpoint) regarding a vulnerability that can allow authorized administrators to escalate their administrative privileges and make unauthorized configuration changes.

A non-privileged but valid administrative user can issue a certain series of keystrokes to enter the debug mode and, from that mode, can then gain super-user administrative access.

Impact:   This vulnerability can allow a non-privileged administrative user to gain super-user access and unauthorized access to important files (such as the configuration files) and to directory structure information.
Solution:   An upgraded version is available. Upgrade to revision 4.01B19s for all affected platforms. This vulnerability is assigned Cisco bug ID CSCdt32570.
Vendor URL:  www.cisco.com/warp/public/707/arrowpoint-useraccnt-debug-pub.shtml
Cause:   Access control error
Underlying OS:  

Message History:   This archive entry is a follow-up to the message listed below.
Apr 5 2001 Cisco's Content Services Switch (Arrowpoint) Allows Administrators to Escalate Privileges and Make Unauthorized Configuration Changes



 Source Message Contents

Date:  Fri, 6 Apr 2001 14:29:36 -0700 (PDT)
Subject:  CIAC Bulletin L-069 Cisco Content Services Switch User Account Vulnerability
[ For Public Release ]
-----BEGIN PGP SIGNED MESSAGE-----

             __________________________________________________________

                       The U.S. Department of Energy
                     Computer Incident Advisory Center
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

            Cisco Content Services Switch User Account Vulnerability

April 6, 2001 19:00 GMT                                           Number L-069
______________________________________________________________________________
PROBLEM:       The Cisco Content Services (CSS) switch product, also known as 
               Arrowpoint, has a security vulnerability which allows privilege 
               escalation. 
PLATFORM:      The following hardware platforms are affected: Cisco CSS 11050, 
               CSS 11150, and CSS 11800 units. 
DAMAGE:        A malicious party using a valid user account can enter debug 
               bug and gain administrative access to the Cisco unit. 
SOLUTION:      Follow the Cisco advice in the bulletin for establishing access 
               control lists or apply the patch. 
______________________________________________________________________________
VULNERABILITY  The risk is LOW. There have been no reports of this activity. 
ASSESSMENT:                                                                   
______________________________________________________________________________

[******  Begin Cisco Bulletin ******]

http://www.ciac.org/ciac/bulletins/l-069.shtml

[******  End Cisco Bulletin  *******]

