Re: Re: PIX Privilege Escalation Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: PIX Privilege Escalation Vulnerability
From: tbbunn@xxxxxxx
Date: 25 Jan 2008 01:24:32 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

I actually was able to reproduce this attack multiple times, and did verify 
that there was an enable secret password configured(as well as multiple 
User/Passwords on the TTY line, not that they should matter) . I will not be in 
my lab until Tuesday of next week, but I will reproduce this again and copy the 
exact configuration. I can not really argue any points until then. I really 
appreciate you'll looking into the matter. Again this was reproduced on a PIX 
515E running v7.2 of Finesse.

Terry Bunn,CCNA 
tbbunn@xxxxxxx

Follow-Ups:
- Re: PIX Privilege Escalation Vulnerability
  - From: Aaron Collins

Prev by Date: phpBB 2.0.22 Remote PM Delete XSRF Vulnerability
Next by Date: E-SMART CART bypass
Previous by thread: Re: PIX Privilege Escalation Vulnerability
Next by thread: Re: PIX Privilege Escalation Vulnerability
Index(es):
- Date
- Thread