Re: Re: PIX Privilege Escalation Vulnerability

---

• From: tbbunn@xxxxxxx
• Date: 25 Jan 2008 01:24:32 -0000

---

I actually was able to reproduce this attack multiple times, and did verify that there was an enable secret password configured(as well as multiple User/Passwords on the TTY line, not that they should matter) . I will not be in my lab until Tuesday of next week, but I will reproduce this again and copy the exact configuration. I can not really argue any points until then. I really appreciate you'll looking into the matter. Again this was reproduced on a PIX 515E running v7.2 of Finesse.

Terry Bunn,CCNA
tbbunn@xxxxxxx

---

• Follow-Ups:
  • Re: PIX Privilege Escalation Vulnerability
    • From: Aaron Collins

• Prev by Date: phpBB 2.0.22 Remote PM Delete XSRF Vulnerability
• Next by Date: Pre Hotel and Resorts reservation portal login bypass
• Previous by thread: Re: PIX Privilege Escalation Vulnerability
• Next by thread: Re: PIX Privilege Escalation Vulnerability
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > bugtraq  > 2008-01