COMMAND

    password forgetting...

SYSTEMS AFFECTED

    CISCO (LocalDirector 1.6.3)

PROBLEM

    At  least  three  customers  have  reported  losing  their  enable
    passwords upon upgrading to version 1.6.3 of Cisco's LocalDirector
    product.  Affected  systems allow users  to enter privileged  mode
    without providing  the correct  enable password;  any string  will
    suffice as a  password. This applies  only to the  privileged-mode
    enable password; the Telnet access password does not appear to  be
    affected. The reported behavior  was total loss of  the configured
    enable password; the systems in question were simply left  without
    enable passwords.

    Cisco came up  with two scenarios  in which a  LocalDirector might
    end up  without an  enable password  when a  user thought  that it
    should have  such a  password. The  first possibility  is that the
    user confuses the  password command, which  sets the password  for
    remote access, with  the enable password  command, which sets  the
    password for administrative access. If this happened, there  would
    be no enable password, but the user might think one had been set.

    The second scenario is particularly plausible in an upgrade. If  a
    user  saved  the  configuration  from  a  running LocalDirector by
    saving  the   output  of   show  config,   and  then   erased  the
    LocalDirector's configuration memory,  upgraded the software,  and
    pasted the saved configuration back into the system, the passwords
    would be lost.  This is because  show config does  not display any
    password-related information.

    Because a LocalDirector  with no enable  password set will  accept
    any string, either of these mistakes might easily go unnoticed for
    a very long time.  If a LocalDirector has no enable password, then
    any person  who can  log into  the system  via Telnet  or over its
    console port can reconfigure or shut down the LocalDirector.  At
    this point this appears NOT to be a software bug, but a user error.

SOLUTION

    Testing from the console and from a Telnet session shows that  an
    enable password that has been properly set and written to  memory
    appears secure.  Even so, you should not give people you don't trust
    with your equipment access to it in any way.  Cisco in its advisory
    discourages the use  of other 1.6.x  versions because of  possible
    software instability.  Cisco recommends  that customers  take  the
    following steps:

        1. Check to make sure that enable passwords are being enforced
           by all LocalDirectors. If you find that a LocalDirector  is
           not enforcing  its enable  password, changing  the password
           using  the  enable  password  configuration  command should
           reactivate the password.  Remember to save the new password
           using  the   write  memory   command.    Recheck   password
           enforcement after any software upgrade or downgrade.

           If you are certain that a formerly working enable  password
           has been  lost by  the software,  please contact  Cisco via
           e-mail to security-alert@cisco.com.

        2. Make sure that you have configured a Telnet access password
           for  your  LocalDirector  using  the password configuration
           command. If you're not sure  of the secrecy of your  Telnet
           password, consider changing  it. Do not  give untrustworthy
           persons Telnet access to your LocalDirector.

        3. Consider using firewalling  devices to block Telnet  access
           from untrusted hosts, and/or restricting access from remote
           hosts   using   the   address-and-mask   feature   of   the
           LocalDirector telnet configuration  command. If you  have a
           dial-in  modem  connected  to  your LocalDirector's console
           port,  or  if  you  have  the  console  port connected to a
           network  device  that  allows  remote  access,  protect the
           console using the authentication  features of the modem  or
           network device to which it is connected.
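    The second scenario above (saving "show config" output, erasing the
    configuration, upgrading, and pasting the output back) loses the
    passwords silently because "show config" prints no password lines.
    The following script is an added example, not part of the advisory
    and not a Cisco tool: it audits a saved configuration file before it
    is pasted back and flags a missing "enable password", a missing
    Telnet "password", and an absent or wide-open "telnet <address>
    <mask>" restriction (steps 1 to 3 of the recommendations). The exact
    line formats, the "encrypted" keyword, and the reading of a 0.0.0.0
    mask as "any host" are assumptions modelled on similar Cisco CLIs,
    and both sample configurations are constructed.

```python
from dataclasses import dataclass, field

# Constructed sample of what an operator might have captured from
# "show config" before an upgrade. Note that, as the advisory states,
# no password lines appear in it at all.
SAVED_CONFIG = """\
: LocalDirector 1.6.3 (constructed sample, saved from show config)
syslog output 20.3
no syslog console
telnet 192.0.2.10 255.255.255.255
virtual 192.0.2.50:80:0:tcp is
real 10.0.0.11:80:0:tcp is
"""

# Constructed sample of a configuration after the passwords were
# re-entered. Line formats and the "encrypted" keyword are assumptions.
RESTORED_CONFIG = """\
: LocalDirector 1.6.3 (constructed sample, passwords re-entered)
enable password 0123456789abcdef encrypted
password fedcba9876543210 encrypted
telnet 192.0.2.10 255.255.255.255
"""


@dataclass
class Findings:
    enable_password: bool = False            # privileged-mode password present
    telnet_password: bool = False            # remote-access password present
    telnet_acl: list = field(default_factory=list)   # (address, mask) pairs
    warnings: list = field(default_factory=list)


def audit_config(text):
    """Scan a saved LocalDirector-style configuration and report what an
    operator must re-enter or tighten before trusting the device again."""
    f = Findings()
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blank lines and banner/comment lines.
        if not line or line.startswith(":") or line.startswith("!"):
            continue
        if line.startswith("enable password"):
            f.enable_password = True
        elif line.startswith("password"):
            # Plain "password" sets the Telnet access password; it is
            # checked after "enable password" so the two cannot be confused.
            f.telnet_password = True
        elif line.startswith("telnet "):
            parts = line.split()
            if len(parts) >= 3:
                f.telnet_acl.append((parts[1], parts[2]))

    if not f.enable_password:
        f.warnings.append("no 'enable password' line: any string will be "
                          "accepted for enable; set it and run 'write memory'")
    if not f.telnet_password:
        f.warnings.append("no Telnet 'password' line: set it with the "
                          "password command")
    if not f.telnet_acl:
        f.warnings.append("no 'telnet <address> <mask>' restriction: Telnet "
                          "is not limited to trusted hosts")
    for addr, mask in f.telnet_acl:
        # Assumption: a 0.0.0.0 mask admits every source address.
        if mask == "0.0.0.0":
            f.warnings.append(f"'telnet {addr} {mask}' permits any host; "
                              "restrict it to management addresses")
    return f


if __name__ == "__main__":
    for name, cfg in (("saved", SAVED_CONFIG), ("restored", RESTORED_CONFIG)):
        result = audit_config(cfg)
        print(f"{name}: enable={result.enable_password} "
              f"telnet_pw={result.telnet_password} acl={result.telnet_acl}")
        for w in result.warnings:
            print("  WARNING:", w)
```

    Run against the saved dump, the audit reports both passwords missing,
    which is exactly the state the advisory describes; run against the
    restored configuration it reports nothing, leaving only the live
    check from step 1 (attempting enable with a wrong password and
    confirming it is rejected) to be done on the device itself.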