Cisco路由器在线帮助漏洞

漏洞信息详情

Cisco路由器在线帮助漏洞

• CNNVD编号：CNNVD-200005-023
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2000-0345
  
• 漏洞类型：
  
  
  访问验证错误
  
• 发布时间：
  
  2000-05-03
  
• 威胁类型：
  
  
  本地
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  cisco
• 漏洞来源：
  This bug was disco…

Cisco路由器中的在线帮助系统选项存在漏洞，无权限的用户可以通过show 命令在没有\”enabled\”选项时访问并获得敏感信息。

Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com. However in the original post to Bugtraq the author submits the following workaround and claims Cisco’s Lisa Napier from Cisco Security validated the workaround as being sufficient.

来源: BID
名称: 1161
链接:http://www.securityfocus.com/bid/1161

来源: BUGTRAQ
名称: 20000502 Possible issue with Cisco on-line help?
链接:http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000502222246.28423.qmail@securityfocus.com