Vulnerability

    Cisco

Affected

    Cisco 6400 NRP2 Telnet

Description

    Following is based on a  Cisco Security Advisory.  The  Cisco 6400
    Access Concentrator  Node Route  Processor 2  (NRP2) module allows
    Telnet access when no password has been set.  The correct response
    is to disallow any remote access to the module until the  password
    has been  set.   This vulnerability  may result  in users  gaining
    unintended  access  to  secure  systems.   This  vulnerability  is
    documented as Cisco bug ID CSCdt65960.

    Cisco 6400 NRP2  modules running Cisco  IOSŪ release earlier  than
    12.1(05)DC01 are affected by  this vulnerability.  Cisco  6400 NSP
    and  Cisco   6400  NRP1   modules  are   not  affected   by   this
    vulnerability.  No  other Cisco product  is currently known  to be
    affected  by  this  vulnerability.   To  determine  your  software
    revision, type show version at the command line prompt.

    The  Cisco  6400  Access  Concentrator  NRP2  module allows Telnet
    access when no  password is set  for the vtys  on the NRP2.   This
    vulnerability  affects  the  Gigabit  Ethernet,  ATM  and   Serial
    interface on the NRP2.  The  correct response is to not allow  any
    remote access to the module  until the vty password has  been set.
    A user can gain access to secure systems if the initial vtys  have
    not had their password set.  This vulnerability can be  eliminated
    by applying the workaround or by upgrading the IOS.

Solution

    This  vulnerability   has  been   fixed  in   Cisco  IOS   release
    12.1(05)DC01 or later.   As workaround apply  password to all  the
    32 vtys on the NRP2.

        Enable Prompt>  vty 0 31 password "the-password"