VULHUB ™

It has been alleged that it is possible for remote attackers to execute arbitrary commands without proper authorization. Reportedly it is possible to execute shell commands from the password prompt on a device running a vulnerable version of CatOS. This issue has been reported in CatOS versions 5.4(2) and 5.5(2) on Cisco Catalyst 6509 switches. Other devices and CatOS versions may also be similarly affected. Cisco has replied to this issue stating that it cannot be used to execute commands, retrieve information from the device, or reveal information about traffic processed by the device. Details are available to registered Cisco users at: http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdr87435 Since this issue cannot be exploited to compromise any security properties on the device, this BID will be retired.

It has been alleged that it is possible for remote attackers to execute arbitrary commands without proper authorization. Reportedly it is possible to execute shell commands from the password prompt on a device running a vulnerable version of CatOS. This issue has been reported in CatOS versions 5.4(2) and 5.5(2) on Cisco Catalyst 6509 switches. Other devices and CatOS versions may also be similarly affected. Cisco has replied to this issue stating that it cannot be used to execute commands, retrieve information from the device, or reveal information about traffic processed by the device. Details are available to registered Cisco users at: http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCdr87435 Since this issue cannot be exploited to compromise any security properties on the device, this BID will be retired.