Cisco Secure Access Control Server NDS Database Blank Password Authentication

2004-08-25T12:44:55
ID OSVDB:9184
Type osvdb
Reporter OSVDB
Modified 2004-08-25T12:44:55

Description

Vulnerability Description

Cisco Secure Access Control Server contains a flaw that may allow a remote attacker to successfully authenticate against a Novell Directory Services (NDS) database. The issue occurs when anonymous binds are allowed in NDS and the ACS Solution Engine authenticates with NDS as the external database instead of generic LDAP. In such a configuration, a remote attacker may be able to authenticate using a blank password instead of valid authentication credentials.
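The failure pattern described above, as an added example that is not Cisco ACS or NDS code: a front end that treats any successful directory bind as proof of identity, next to one that refuses empty credentials before binding. ToyDirectory, the function names and the sample account are constructed, and the example assumes a blank-password bind is handled by the directory as an anonymous bind.

```python
# Added illustration: a constructed in-memory directory, not Cisco ACS or NDS code.

class ToyDirectory:
    """Constructed stand-in for a directory that can permit anonymous binds."""

    def __init__(self, users, allow_anonymous=True):
        self._users = users                  # dn -> password
        self.allow_anonymous = allow_anonymous

    def simple_bind(self, dn, password):
        # Assumption: an empty password is handled as an anonymous bind, so
        # the DN is never verified and the bind succeeds whenever anonymous
        # access is enabled.
        if password == "":
            return self.allow_anonymous
        return self._users.get(dn) == password


def authenticate_naive(directory, dn, password):
    """Flawed pattern: any successful bind counts as an authenticated user."""
    return directory.simple_bind(dn, password)


def authenticate_checked(directory, dn, password):
    """Refuses empty credentials before the directory is ever contacted."""
    if not dn or not password:
        return False
    return directory.simple_bind(dn, password)


def audit(directory, dn):
    """Results of a blank-password attempt against both front ends."""
    return {
        "naive": authenticate_naive(directory, dn, ""),
        "checked": authenticate_checked(directory, dn, ""),
    }


# Constructed sample account.
DIRECTORY = ToyDirectory({"cn=alice,o=example": "correct horse"})

if __name__ == "__main__":
    print(audit(DIRECTORY, "cn=alice,o=example"))
```

Constructing the directory with allow_anonymous=False makes the naive front end reject the blank password as well, which matches the precondition stated in the description.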

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Cisco Systems, Inc. has released a patch to address this vulnerability.

References:

Vendor URL: http://www.cisco.com/
Vendor Specific Advisory URL
Security Tracker: 1011065
Secunia Advisory ID: 12386
Related OSVDB ID: 9183
Related OSVDB ID: 9185
Related OSVDB ID: 9182
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1069.html
Keyword: Novell Directory Services
Keyword: CSCed81716
ISS X-Force ID: 17117
CVE-2004-1460
Bugtraq ID: 11047