Home page logo
/

bugtraq logo Bugtraq mailing list archives

Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability
From: Cisco Systems Product Security Incident Response Team <psirt () cisco com>
Date: Wed, 7 Nov 2012 11:11:56 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Secure Access Control System TACACS+ Authentication Bypass
Vulnerability

Advisory ID: cisco-sa-20121107-acs

Revision 1.0

For Public Release 2012 November 7 16:00  UTC (GMT)
- ----------------------------------------------------------------------

Summary
=======

Cisco Secure Access Control System (ACS) contains a vulnerability that
could allow an unauthenticated, remote attacker to bypass TACACS+
based authentication service offered by the affected product. The
vulnerability is due to improper validation of the user-supplied
password when TACACS+ is the authentication protocol and Cisco Secure
ACS is configured with a Lightweight Directory Access Protocol (LDAP)
external identity store.

An attacker may exploit this vulnerability by sending a special
sequence of characters when prompted for the user password. The
attacker would need to know a valid username stored in the LDAP
external identity store to exploit this vulnerability, and the
exploitation is limited to impersonate only that user. An exploit
could allow the attacker to successfully authenticate to any system
using TACACS+ in combination with an affected Cisco Secure ACS.

Cisco has released free software updates that address this
vulnerability. 

There are no workarounds for this vulnerability. 

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlCahBgACgkQUddfH3/BbTry0gD+ODX/mW0lFysJb+ga9d8hSJib
y3Nt7PWArjcjgBBfV6cA/3xq5kIJ57XxuNw63zIaTpay5N+sUNLDJ37bdjxu+hTf
=GL1C
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Cisco Systems Product Security Incident Response Team (Nov 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]