[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fb0927a80708011119y23e62837ifea23733d20eeb1@mail.gmail.com>
Date: Wed, 1 Aug 2007 12:19:35 -0600
From: "Shawn Merdinger" <shawnmer@...il.com>
To: "Leif Sawyer" <lsawyer@....com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: "debug k" freezing Cisco routers?
Hi Leif,
Please see FX's excellent coverage on this issue. Sure, I
could/should post what version I'm working on, but this is private,
personal research, hence the vaugue description. Plus, I _know_ there
are plenty of folks out there _much_ smarter than myself on this kind
of research, so I'm just posting a "Hey, I'm seeing this, anyone
else?"
Folks, give "debug kernel" a try like FX mentioned and see what
happens. It worked with "debug k" on my version I'm working on, but
that's a Cisco question I guess.
Kindest regards,
--scm
Shawn Merdinger
Independent Security Researcher
VoIPninja.com
On 8/1/07, Leif Sawyer <lsawyer@....com> wrote:
> You didn't mention what version of IOS, nor what type of router.
>
> InetSadcLabGw-1>ena
> Password:
> InetSadcLabGw-1#debug k?
> kerberos kron
>
> InetSadcLabGw-1#debug k
> % Ambiguous command: "debug k"
> InetSadcLabGw-1#sho ver
>
> Cisco Internetwork Operating System Software
> IOS (tm) s6523_rp Software (s6523_rp-ADVIPSERVICESK9-M), Version
> 12.2(18)ZU1, RELEASE SOFTWARE (fc1)
>
>
> And it seems that you should have.
>
>
> > -----Original Message-----
> > From: full-disclosure-bounces@...ts.grok.org.uk
> > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf
> > Of Shawn Merdinger
> > Sent: Wednesday, August 01, 2007 8:15 AM
> > To: full-disclosure@...ts.grok.org.uk
> > Subject: [Full-disclosure] "debug k" freezing Cisco routers?
> >
> > Hi All,
> >
> > At level 15 permissions, when I enter "debug k" on the CLI
> > the router freezes immediately, requiring a manual reboot.
> >
> > While not a vulnerability per se, perhaps something to keep
> > in mind from the fat-finger risk?
> >
> > Anyone else seeing this?
> >
> > Kindest regards,
> > --scm
> >
> >
> > Shawn Merdinger
> > Independent Security Researcher
> > VoIPninja.com
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists