Advisory ID: cisco-sa-20070509-iosftp
For those that have enabled the IOS FTP service on their CISCO devices, you may want to take a look at the advisory from CISCO. CISCO indicates that there are multiple vulnerabilities in the IOS. From CISCO Advisory:
"Multiple vulnerabilities exist in the Cisco IOS File Transfer Protocol (FTP) Server feature. These vulnerabilities include Denial of Service, improper verification of user credentials and the ability to read or write any file in the device's filesystem, including the device's saved configuration, which may include passwords or other sensitive information."
See the link above for the complete advisory.
May 9th 2007
1 decade ago