[
9
]
-
Cisco
514
UDP Flood Denial
of Service Vulnerability
[
10
]
- CiscoSecure ACS
for
Windows NT Server Denial of Service Vulnerability
[
11
]
- Cisco Catalyst Memory Leak Vulnerability
[
12
]
- Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability
[
13
]
-
0
Encoding
IDS Bypass Vulnerability
(
UTF
)
[
14
]
- Cisco IOS HTTP Denial of Service Vulnerability
One final Cisco tool to look at is
cisco-ocs
.
This is another Cisco scanner, but no
parameters are needed to perform the testing. You don’t choose what
cisco-ocs
does; it
just does it. All you need to do is provide the range of addresses.
You can see a run of
cisco-ocs
in
Example 4-9
. After you tell it the range of addresses, and start and stop IP,
the tool will start testing each address in turn for entry points and potential vulnera‐
bilities.
Example 4-9. Running cisco-ocs
root@rosebud:~# cisco-ocs 192.168.86.1 192.168.86.254
********************************* OCS v 0.2 **********************************
**** ****
**** coded by OverIP ****
**** overip@gmail.com ****
**** under GPL License ****
**** ****
**** usage: ./ocs xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy ****
**** ****
**** xxx.xxx.xxx.xxx
=
range start IP ****
**** yyy.yyy.yyy.yyy
=
range end IP ****
**** ****
******************************************************************************
(
192.168.86.1
)
Filtered Ports
(
192.168.86.2
)
Filtered Ports
As you can see, several programs are looking for Cisco devices and potential vulnera‐
bilities. If you can find these devices, and they show either
open ports to test logins
or, even worse, vulnerabilities, it’s definitely worth flagging
them as devices to look
for exploits.
