From AndrewF@GATEWAY.BM Thu Oct 26 23:16:22 2000
From: Andrew Frith <AndrewF@GATEWAY.BM>
To: BUGTRAQ@SECURITYFOCUS.COM
Date: Thu, 26 Oct 2000 17:35:10 -0300
Subject: Re: [BUGTRAQ] Advisory def-2000-02: Cisco Catalyst remote command              execution

I was unable to reproduce this on a 2924-XL running version 11.2(8.2)SA6.  Entering that URL in a web browser prompts for a password.  It will only execute once the enable password has been entered.

>>> Olle Segerdahl <Olle.Segerdahl@DEFCOM-SEC.COM> 10/26/00 05:51AM >>>
----------------------=[Detailed Description]=------------------------
Cisco Catalyst 3500 XL series switches have a webserver configuration
interface. This interface lets any anonymous web user execute any
command without supplying any authentication credentials by simply
requesting the /exec location from the webserver. An example follows:
http://catalyst/exec/show/config/cr 
This URL will show the configuration file, with all user passwords.