Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS
* Halvar Flake:
> So in short, they are demonstrating that
>
> * IF you have console access
> * AND the enable password
> * AND you enable the debugger
>
> you can execute code ?
>
> So all in all, it's a complete non-issue ?
Not completely. There are some configurations in which EXEC mode is not
fully privileged. For instance, someone might be covertly capturing
flows passing through the router. The ability to execute arbitrary code
can be used to reveal that activity, and the router operator may not be
authorized to do so.
However, it seems to me that this is more or less a compliance thing,
not a security issue.
討論串 (同標題文章)
完整討論串 (本文為第 3 之 6 篇):