CVE-2000-0945

The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.

Date published : 2001-09-18

http://www.securityfocus.com/bid/1846

http://archives.neohapsis.com/archives/bugtraq/2000-10/0380.html