<<< Date Index >>>     <<< Thread Index >>>

Re: several vulnerabilities present in Belkin wireless routers



I can't comment on the Belkin stuff.  As for Cisco IIRC, telnet is
enabled by default, however it doesn't allow anyone to log in unless a
telnet password is set on the vty lines and the login command is
configured as well, and those are not set by default.

So, you can certainly use a telnet exploit against them because the
port is open, but you're not going in via the non-existant password.

Regards,
Roman Daszczyszak

---------- Original message ----------
From: steven.salaets@xxxxxxxxxxxxx
To: bugtraq@xxxxxxxxxxxxxxxxx
Date: 20 Jul 2005 08:58:29 -0000
Subject: Re: Re: several vulnerabilities present in Belkin wireless routers
What I wonder is: How much of a security threat is this? Are we not
talking about default settings here? How secure is a linksys or cisco
AP out of the box? As far as I recall Cisco also enables telnet by
default and if you Google for a default administrative password for
any network device it won't take you 5 minutes to find it.

-Steven