|
Cisco Secure Access Control Server Downloadable IP Access Control List Vulnerability
|
|
Secunia Advisory:
|
SA18141
|
|
|
Release Date:
|
2006-01-03
|
|
Popularity:
|
12,113 views
|
|
|
Critical:
|
 Less critical
|
|
Impact:
|
Security Bypass
|
|
Where:
|
From local network
|
|
Solution Status:
|
Partial Fix
|
|
| OS: | Cisco PIX 6.x Cisco PIX 7.x Cisco VPN 3000 Concentrator Cisco VPN 3002 Hardware Client 3.x
|
|
| Software: | Cisco Firewall Services Module (FWSM) 1.x Cisco Firewall Services Module (FWSM) 2.x Cisco Secure ACS 3.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
Description: ovt has reported a vulnerability in Cisco Secure ACS (Access Control Server), which potentially can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to a design error in the Downloadable IP ACL (Access Control List) feature. This can be exploited by malicious people who knows the name of a Downloadable IP ACL configured on the ACS server to authenticate to the RAS/NAS (Remote Access Server/Network Access Server) by using the name of that ACL as their user name.
Successful exploitation requires that the attacker knows the name of the Downloadable IP ACL e.g. by sniffing network traffic between the RAS/NAS and the ACS server.
Solution: The vulnerability has been fixed in the following versions.
* Cisco Secure ACS Version 4.0.1
* PIX version 6.3(5)
* PIX/ASA 7.0(2)
* Cisco IOS Software Version 12.3(8)T4
* VPN 3000 versions 4.0.5.B and 4.1.5.B
Cisco FWSM:
Refer to vendor's original advisory for workaround instructions.
Provided and/or discovered by: ovt
Original Advisory: Cisco:
http://www.cisco.com/en/US/products/s...ts_field_notice09186a00805bf1c4.shtml
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|