Re: Re: PIX Privilege Escalation Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Re: PIX Privilege Escalation Vulnerability
From: rvandenbrink@xxxxxxxxxxx
Date: 5 Feb 2008 04:04:06 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

tested on 515e platform 7.2

as indicated by eloy, this only works if the enable password is blank.  not 
sure why the backspace works, but a simple enter key will get you to enable 
mode just as easily

with an enable pwd set:

c5-515E-pix> ena
Password:
Invalid password
Password:
Invalid password
Password:
Invalid password
Access denied.
c5-515E-pix>

Prev by Date: [ MDVSA-2008:034 ] - Updated emacs packages fix vulnerabilities
Next by Date: [security bulletin] HPSBMA02307 SSRT071420 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Denial of Service (DoS)
Previous by thread: Re: PIX Privilege Escalation Vulnerability
Next by thread: [ MDVSA-2008:025 ] - Updated x11-server-xgl packages fix multiple vulnerabilities
Index(es):
- Date
- Thread