Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Cisco IOS local privilege escalation - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco IOS local privilege escalation
Cisco released earlier a vulnerability note detailing a problem within some Cisco IOS versions that bypasses the command authorization offered by AAA services such as TACACS+. The bypass uses tclsh.

Why a router would need tclsh is a mystery to this handler.

--
Swa Frantzen


 Swa

760 Posts
Jan 25th 2006
Thread locked Subscribe Jan 25th 2006
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!