J-Security Center

Title: Cisco CBOS Show NAT Output Session Switching Vulnerability

Severity: LOW

Description:

Cisco CBOS is the operating system included on home-based Cisco routers, such as Cisco DSL routers. CBOS is maintained and distributed by Cisco Systems.

A problem in the handling of multiple connections to a Cisco DSL router could result in an unprivileged user with access to the router viewing privileged information.

It is possible to have multiple sessions connected to a Cisco DSL router via telnet, each with a different degree of administrative access. The show nat command requires enable access on the router, and its output normally contains sensitive information about the design of the internal network.

A problem with the firmware causes command output to be delivered to the wrong session when one session connected to the DSL router executes a show nat command while another session is in the process of connecting. Once the second session is negotiated, the output of the show nat command is printed to the terminal of the second user, which, depending on that user's privileges, could result in an unauthorized user gaining access to sensitive information.

Affected Products:

  • Cisco CBOS 2.3.0.053
  • Cisco CBOS 2.4.1
