Got an IPS alert that says " Telnet: Cisco Buffer Overflow Vulnerability (High)
Network Security Platform has detected a "High (9)" attack.
Attack type: Signature: telnet-cmd-too-long"
Can I correctly say:
a) if we don't have telnet service enabled on all our Cisco devices, then we're not
vulnerable (even if telnet is enabled on some other legacy systems) ?
b) this only affects Cisco 676/677 devices, so if we don't have these devices in
our environment, then we're not vulnerable
If I'm mistaken to make above 2 statements, do elaborate & explain
trigger such alerts?