Vulnerability Note VU#516659

Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) module permits telnet access when no password has been set

Original Release date: 20 Sep 2001 | Last revised: 09 Apr 2003

Overview

The Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) module permits unauthenticated telnet access when no password has been set.

Description

The Access Concentrator Node Route Processor is a router blade for the Cisco 6400. It's purpose is to aggregate and terminate incoming virtual circuits. The Access Concentrator Node Route Processor receives traffic from one or more Node Switch Processor (NSP) Asynchronous Transfer Mode (ATM) switch ports, re-assembles the ATM cells into packets, routes the packets, segments the routed packets, and sends them back to the ATM switch.

The Access Concentrator Node Route Processor module allows Telnet access when no password is set for the vtys on the device. Note that this product ships with no password set.

Impact

This vulnerability could allow a remote attacker to gain unauthorized access to the Access Concentrator Node Route Processor. Once the intruder has gained access to the Access Concentrator Node Route Processor, he could inspect or change the configuration of the device, effectively allowing complete control of the device. Since the Access Concentrator Node Route Processor is able to modify permanent and switched virtual circuits, the attacker may be able to re-route or disrupt network traffic as well as gather information about network topology.

Solution

Upgrade to Cisco IOS release 12.1(05)DC01 or later.

Apply a password to all 32 vtys on the Access Concentrator Node Route Processor. To apply the password, execute the following command at the "Enable Prompt":

  • Enable Prompt>  vty 0 31 password "password"

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Cisco Systems Inc.Affected-20 Sep 2001
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

The CERT/CC thanks Cisco Systems for their advisory, on which this document is based.

This document was written by Ian A. Finlay.

Other Information

  • CVE IDs: CVE-2001-0757
  • Date Public: 14 Jun 2001
  • Date First Published: 20 Sep 2001
  • Date Last Updated: 09 Apr 2003
  • Severity Metric: 33.75
  • Document Revision: 34

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.