Friday, 4 April 2008

cisco backdoor version 2.0

From the series "the backdoor always rings twice":

http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml


This vulnerability documents an issue where the DRF Master server does not perform authentication on requests that it receives over the network. A remote, unauthenticated user can connect to the DRF Master server and may be able to perform any DRF-related tasks. These tasks include:

* Modifying or deleting a scheduled backup

* Copying a system backup to a remote, user-specified server

* Restoring a user-specified configuration from a remote server

* Execute arbitrary operating system commands

An attacker could exploit this vulnerability to cause a denial of service condition, obtain sensitive configuration information, overwrite configuration parameters, or execute arbitrary commands with full administrative privileges



Quoting myself once again, with the necessary changes:
  • an unauthenticated user
  • a remote connection to a TCP port (4040)
  • execution of commands with administrative privileges
  • but above all... the ability to copy a pre-existing backup to an external server defined by the attacker (!!!)

Where I come from, this is still called a backdoor.
