Dear pdp (architect), pa> BTW, there are quite a lot cisco devices that have http open on local pa> LAN vulnerable to IOS HTTP Authorization Vulnerability.
That's my point, I have done an ehaustive amount of pentest, I have never come accross a router with accessible HTTP port. Maybe that's related to the nature of the networks though. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
