Cisco Catalyst使能密码旁路漏洞

漏洞信息详情

Cisco Catalyst使能密码旁路漏洞

• CNNVD编号：CNNVD-200004-054
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2000-0267
  
• 漏洞类型：
  
  
  访问验证错误
  
• 发布时间：
  
  2000-04-20
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-12
  
• 厂        商：
  
  cisco
• 漏洞来源：
  This vulnerability…

Cisco Catalyst 5.4.x存在漏洞，用户可以访问“使能”模式而无需密码。

The following information has been copied from the Cisco security advisory on this topic, the advisory itself is attached in the ‘Credit’ section of this vulnerability entry:
Cisco is offering free software upgrades to remedy this vulnerability for all affected customers.
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained via the Software Center on Cisco’s Worldwide Web site at:
http://www.cisco.com.
Customers without contracts should get their upgrades by contacting the Cisco Technical Assistance Center (TAC). TAC contacts are as follows:
* +1 800 553 2447 (toll-free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
Give the URL of this notice as evidence of your entitlement to a free upgrade. Free upgrades for non-contract customers must be requested through the TAC. Please do not contact either “psirt@cisco.com” or “security-alert@cisco.com” for software upgrades.

来源: CISCO
名称: 20000419 Cisco Catalyst Enable Password Bypass Vulnerability
链接:http://www.cisco.com/warp/public/707/catos-enable-bypass-pub.shtml

来源: BID
名称: 1122
链接:http://www.securityfocus.com/bid/1122

来源: OSVDB
名称: 1288
链接:http://www.osvdb.org/1288