{"vuid":"VU#516659","idnumber":"516659","name":"Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) module permits telnet access when no password has been set","keywords":["Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) module","telnet access","no password","vtys"],"overview":"The Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) module permits unauthenticated telnet access when no password has been set.","clean_desc":"The Access Concentrator Node Route Processor is a router blade for the Cisco 6400. It's purpose is to aggregate and terminate incoming virtual circuits. The Access Concentrator Node Route Processor receives traffic from one or more Node Switch Processor (NSP) Asynchronous Transfer Mode (ATM) switch ports, re-assembles the ATM cells into packets, routes the packets, segments the routed packets, and sends them back to the ATM switch. The Access Concentrator Node Route Processor module allows Telnet access when no password is set for the vtys on the device. Note that this product ships with no password set.","impact":"This vulnerability could allow a remote attacker to gain unauthorized access to the Access Concentrator Node Route Processor. Once the intruder has gained access to the Access Concentrator Node Route Processor, he could inspect or change the configuration of the device, effectively allowing complete control of the device. Since the Access Concentrator Node Route Processor is able to modify permanent and switched virtual circuits, the attacker may be able to re-route or disrupt network traffic as well as gather information about network topology.","resolution":"Upgrade to Cisco IOS release 12.1(05)DC01 or later.","workarounds":"Apply a password to all 32 vtys on the Access Concentrator Node Route Processor. To apply the password, execute the following command at the \"Enable Prompt\": Enable Prompt>  vty 0 31 password \"password\"","sysaffected":"","thanks":"The CERT/CC thanks \nCisco Systems\n for their advisory, on which this document is based.","author":"This document was written by Ian A. Finlay.","public":["http://www.cisco.com/warp/public/cc/pd/as/6400/prodlit/cnrp_ds.htm","http://www.cisco.com/warp/public/707/6400-nrp2-telnet-vuln-pub.shtml","http://www.securityfocus.com/bid/2874"],"cveids":["CVE-2001-0757"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-06-14T20:47:01Z","publicdate":"2001-06-14T00:00:00Z","datefirstpublished":"2001-09-20T19:39:46Z","dateupdated":"2003-04-09T18:53:27Z","revision":35,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"10","cam_impact":"15","cam_easeofexploitation":"20","cam_attackeraccessrequired":"20","cam_scorecurrent":"33.75","cam_scorecurrentwidelyknown":"33.75","cam_scorecurrentwidelyknownexploited":"56.25","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":33.75,"vulnote":null}