24 Cisco ATA-186 http password attack Network devices 2003/11/14 Marc Ruef marc dot ruef at computec dot ch http://www.computec.ch computec.ch Marc Ruef marc dot ruef at computec dot ch http://www.computec.ch computec.ch 2004/11/14 2.0 Corrected the plugin structure and added the accuracy values in 1.4. Improved the pattern matching and introduced the plugin changelog in 2.0 tcp 80 open|send POST\nContent-length:1\n\na\n\n|sleep|close|pattern_exists HTTP 10 This plugin was written with the ATK Attack Editor. http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml Cisco Systems info at cisco dot com http://www.cisco.com Cisco ATA-186 Other Cisco and network devices Weak Authentication It is possible to bypass the password authentication of a Cisco ATA-186 by sending a HTTP POST request with one byte as payload. Upgrade your Cisco firmware and filter incoming traffic on port tcp/80. 20 minutes Yes http://www.securityfocus.com/bid/4711/exploit/ Yes No High 7 6 10 7 High Nessus is also able to do the same check. CAN-2002-0769 4711 11012 Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427 http://www.computec.ch