OSVDB ID: 22346

Title: Cisco CS-MARS Passwordless Persistent Root Account

Dates

Disclosure: Jan 12, 2006
Discovery: Unknown
Exploit: Jan 12, 2006
Solution: Unknown

Description

By default, CS-MARS installs with a default root password. The root account has an undocumented default password which is publicly known. This allows attackers to trivially access the program or system.

Classification

Location: Local Access Required
Attack Type: Authentication Management
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: OSVDB Verified

Solution

Upgrade to version 4.1.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. After upgrading, issuing the 'passwd expert' command modifies the root password.

Products

Cisco Systems, Inc.

Cisco Security Monitoring, Analysis and Response System (CS-MARS)

4.1.3

References

Credit

  • Cisco Product Security Incident Response Team (PSIRT) - psirt@cisco.com - Cisco Systems, Inc.


Direct URL: http://osvdb.org/22346