CVE-2000-0945
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory.
Date published : 2001-09-18
http://www.securityfocus.com/bid/1846
http://archives.neohapsis.com/archives/bugtraq/2000-10/0380.html