Cisco IOS tacacs Keyword ACL Bypass

1995-07-31T00:00:00
ID OSVDB:797
Type osvdb
Reporter OSVDB
Modified 1995-07-31T00:00:00

Description

Vulnerability Description

Cisco IOS contains a flaw that may allow a malicious user to bypass access control lists. The issue is caused by incorrect parses of extended ACLs which use the "tacacs" and "tacacs-ds" keywords. It is possible that the flaw may allow unauthorized traffic to traverse the network.

Solution Description

Upgrade to version indicated by Cisco product matrixx, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Cisco IOS contains a flaw that may allow a malicious user to bypass access control lists. The issue is caused by incorrect parses of extended ACLs which use the "tacacs" and "tacacs-ds" keywords. It is possible that the flaw may allow unauthorized traffic to traverse the network.

References:

Vendor Specific Advisory URL Other Advisory URL: http://www.securityfocus.com/advisories/1420 Nessus Plugin ID:10974 ISS X-Force ID: 1247 CVE-1999-0161 Bugtraq ID: 703