There is a flaw in many looking-glasses (most of them based on the nitrous-digex one) that allows attackers to gather information about the network that was not intended to be provided. This happens because the looking-glass (which is written in Perl) does not properly validate the address entered by the user.
Credit:
The information has been provided by barabas.
Example:
When clicking bgp to check an address in the BGP table, the attacker can enter, instead of an IP address, the word "nei" (or neighbors), and all BGP neighbors will be fully visible. In fact, any valid argument in Cisco IOS following 'sh ip bgp' can be entered.
Another example:
<sh ip bgp> paths gives the full path table. This puts some strain on routers and could be used to DoS the router if no proper access security is provided. Various other things can be done.
Workaround:
Check for a "." in the input.
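A stricter form of this check, as an added example (not code from the looking-glass itself): a string can contain a "." without being an address, so the hypothetical validate_bgp_target below accepts only a dotted-quad IPv4 address with an optional prefix length and rebuilds the argument from the parsed numbers. The sample inputs are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper (not part of any looking-glass distribution).
# Returns the normalised argument if $input is a plain IPv4 address,
# optionally followed by /prefix-length; returns undef otherwise.
sub validate_bgp_target {
    my ($input) = @_;
    return unless defined $input;

    # \A and \z anchor the whole string; unlike "$", \z does not
    # tolerate a trailing newline. /a restricts \d to ASCII digits.
    return
        unless $input =~ m{\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})(?:/(\d{1,2}))?\z}a;

    my @octets = ($1, $2, $3, $4);
    my $prefix = $5;

    for my $octet (@octets) {
        return if $octet > 255;
    }
    return if defined $prefix && $prefix > 32;

    # Pass on the parsed numbers, never the raw string.
    my $addr = join '.', map { $_ + 0 } @octets;
    return defined $prefix ? "$addr/" . ($prefix + 0) : $addr;
}

# Constructed sample inputs: the two keywords from the examples above,
# a keyword combined with an address (it contains a "."), an out-of-range
# octet, a trailing newline, and two legitimate queries.
my @samples = ('nei', 'paths', 'nei 192.0.2.1', '999.1.1.1',
               "192.0.2.1\n", '192.0.2.1', '192.0.2.0/24');

for my $input (@samples) {
    my $target = validate_bgp_target($input);
    (my $shown = $input) =~ s/\n/\\n/g;    # make the newline visible
    if (defined $target) {
        print "accept  '$shown' -> show ip bgp $target\n";
    } else {
        print "reject  '$shown'\n";
    }
}
```

Only the last two samples are accepted; everything else is rejected before a router command is built.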