Vigil@nce - Cisco ASR: execution of shell command at boot time
September 2015 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can reboot a Cisco ASR router, in order to make it run
an arbitrary shell script.
– Impacted products: Cisco ASR.
– Severity: 2/4.
– Creation date: 10/07/2015.
DESCRIPTION OF THE VULNERABILITY
The Cisco ASR product is based on a Linux system.
At boot time, the system uses files stored on a compact flash card
(cards of this kind are typically used with FAT filesystems, so
without permission handling). However, a locally logged-in user
can create a file on this card. This file will be run as a shell
script at the next boot, with administration privileges.
An attacker can therefore reboot a Cisco ASR router, in order to
make it run an arbitrary shell script.
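A defender-side check for the condition described above, as an added example that is not part of the Vigil@nce bulletin or of any Cisco tooling: because the boot medium cannot enforce permissions, record a hash baseline of its files and compare it with the current contents before a planned reboot. The function names and the assumption that the card's contents are reachable as a directory on a Linux host with sha256sum are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical names): integrity baseline for a boot medium
# whose filesystem has no permission handling (e.g. FAT).
# Usage sketch:  media_manifest /mnt/card > baseline.txt   (known-good state)
#                media_diff baseline.txt /mnt/card          (before a reboot)

# Print "sha256  ./relative/path" for every regular file under directory $1.
media_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

# Compare baseline manifest file $1 with the current contents of directory $2.
# Prints one line per difference (ADDED / MODIFIED / REMOVED <path>).
# Returns 0 when nothing changed, 1 when differences exist, 2 on error.
media_diff() {
    current=$(mktemp) || return 2
    media_manifest "$2" > "$current"
    # sha256sum lines are: 64 hex chars, two separator chars, then the path,
    # so substr() keeps paths that contain spaces intact.
    report=$(awk '
        { h = substr($0, 1, 64); p = substr($0, 67) }
        mode == "base" { base[p] = h; next }
        {
            seen[p] = 1
            if (!(p in base))       print "ADDED " p
            else if (base[p] != h)  print "MODIFIED " p
        }
        END { for (p in base) if (!(p in seen)) print "REMOVED " p }
    ' mode=base "$1" mode=cur "$current" | sort)
    rm -f "$current"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}
```

Any ADDED or MODIFIED entry on the card is a file that could be picked up at the next boot and should be reviewed before the router is restarted.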
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-ASR-execution-of-shell-command-at-boot-time-17342