1220 upgrade to IOS created a back door?

DANIEL WANG · ‎05-20-2004

I recently upgraded a 1220 IOS 12.2(13)JA3 and found that the web admin account created by the old Non-IOS web interface is still accessible through the web logon.

But the account itself is no where to be found in either IOS config file or Web admin.

How do I get rid of this web admin account?

Thanks.

a-vazquez · ‎05-26-2004

Did you check the bug tool kit if this is a known bug??

ctripp · ‎05-26-2004

Hi,

If you do a show run in your CLI does it show the username statement there?

Should look something like this normally towards the top of your conifguration.

hostname labap1100ip111

!

logging queue-limit 100

!

username admin privilege 15 password 7 xxxxxxxxxx

You can just do a config t

and no username admin should clear it

also you may want to do a wr mem on the CLI as the browser will not see entries normally posted to the running-config, it gets this information from the startup-config. See after the wr mem if you can see the account in the browser.

DANIEL WANG · ‎05-27-2004

I've checked the bug tool using keywords like login, logon, admin, username but didn't find anything.

Like I said, there is no such admin logon existing in the config. Therefore the "no username" command couldn't do anything. The only local account there is a priv. level 1 account.

One thing I wanted to point out though, is that my co-work rename the default ADMIN account to something like "43RT^1R". I wonder whether the numerals in the beginning and the ^ cause the problem.

Does IOS allow local account beginning with numerals and special characters?

Thanks a lot!

melisei · ‎06-04-2004

As far as I know the only exception is wgere you waht to use "?"

So, for a 123?abc username you need to enter

123

CTRL-V

?

abc

You don't have to enter the CTRL-V afterwards.

Have you tried a default of the unit? You can use either the GUI, or the IOS (startup-config) or the MODE button.

Cheers