Cisco Developer's Shell
Created 7/19/01
CVE 2001-1037
CVE 2001-1038
Impact
A remote attacker could execute commands on the router
or create a denial of service by rebooting the router.
Background
The Cisco SN 5420 Storage Router supports TCP/IP and also features SCSI
over IP, which provides network storage capabilities.
The Problem
The Cisco SN 5420 Storage Router includes a developer's shell,
which is used for testing during development. The shell
is accessible using rlogin or on TCP port 8023, and
enables a remote user to execute low-level commands without
providing a password. Furthermore, an attacker can cause the
router to reboot by rapidly establishing multiple connections
to port 8023, thus causing a denial of service.
Software versions prior to 1.1(4) are affected by these vulnerabilities.
Resolution
Upgrade to software version 1.1(4). If it is not possible to upgrade
immediately, then block access to TCP ports 513 and 8023 at
the gateway router or firewall until it is possible to upgrade.
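The following Python is an added example, not part of the original advisory or any Cisco tooling: it triages an inventory against the 1.1(4) fix level and, for affected units, reports whether TCP ports 513 and 8023 still accept a connection. The inventory entries, addresses, function names and the version-string pattern are assumptions made for illustration.

```python
import re
import socket

FIXED = (1, 1, 4)            # first fixed release per the advisory: 1.1(4)
SHELL_PORTS = (513, 8023)    # ports the advisory says to block

def parse_version(text):
    """Parse a release string such as '1.1(4)' into a comparable tuple."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\((\d+)\)\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) for g in m.groups())

def is_affected(version_text):
    """True when the release is earlier than 1.1(4)."""
    return parse_version(version_text) < FIXED

def port_filtered(host, port, timeout=3.0):
    """Make one connection attempt; True when the port does not accept it."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return False
    except OSError:
        return True

def audit(inventory, probe=port_filtered):
    """Return (name, status, reachable_ports) per (name, address, version)."""
    findings = []
    for name, address, version in inventory:
        try:
            affected = is_affected(version)
        except ValueError:
            # Never assume an unparsed version is safe; flag it for a human.
            findings.append((name, "unknown version, check manually", []))
            continue
        if not affected:
            findings.append((name, "fixed", []))
            continue
        exposed = [p for p in SHELL_PORTS if not probe(address, p)]
        status = "affected, ports reachable" if exposed else "affected, ports blocked"
        findings.append((name, status, exposed))
    return findings

# Constructed inventory for illustration; 192.0.2.0/24 is a documentation range.
SAMPLE = [
    ("sn5420-a", "192.0.2.10", "1.1(3)"),
    ("sn5420-b", "192.0.2.11", "1.1(4)"),
    ("sn5420-c", "192.0.2.12", "1.0(9)"),
    ("sn5420-d", "192.0.2.13", "unknown"),
]
```

Call `audit(inventory)` from a host outside the filtering gateway so the single-connection probe exercises the block itself; pass a stub as `probe` to run it offline.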
Where can I read more about this?
For more information, see the Cisco advisory or CIAC Bulletin L-112.