module
Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access
| Disclosed | Created |
|---|---|
| 2006-08-23 | 2020-07-16 |
Disclosed
2006-08-23
Created
2020-07-16
Description
This module tests for a logic vulnerability in the Cisco VPN Concentrator
3000 series. It is possible to execute some FTP statements without authentication
(CWD, RNFR, MKD, RMD, SIZE, CDUP). It also appears to have some memory leak bugs
when working with CWD commands. This module simply creates an arbitrary directory,
verifies that the directory has been created, then deletes it and verifies deletion
to confirm the bug.
3000 series. It is possible to execute some FTP statements without authentication
(CWD, RNFR, MKD, RMD, SIZE, CDUP). It also appears to have some memory leak bugs
when working with CWD commands. This module simply creates an arbitrary directory,
verifies that the directory has been created, then deletes it and verifies deletion
to confirm the bug.
Author
aushack patrick@osisecurity.com.au
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.