VID 29128
Severity 30
Port 161
Protocol UDP
Class CISCO
Detailed Description The Cisco IOS, according to its version number, has an authentication bypass vulnerability (Cisco bug ID CSCef77770) in AAA command authorization for the Tcl shell mode. AAA (Authentication, Authorization, Accounting) is the primary (and recommended) method for access control in Cisco IOS. Cisco IOS 12.0S and versions 12.0, 12.1, 12.2, 12.3, and 12.4 are vulnerable to an authentication bypass caused by missing AAA command authorization checks for commands executed from the Tcl (Tool Command Language) exec shell. In addition, if both the AAA authorization feature and Tcl support are enabled on the device, a remote attacker could gain elevated privileges on the Cisco IOS device from within the Tcl shell mode.

* Note: This check relies solely on the version number of the remote system to assess this vulnerability, so it may be a false positive. It also requires a read-access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item "snmp/guessable/r" in the Policy Editor. If the AAA authorization feature or Tcl support is disabled, ignore this alert.

* References:
http://www.frsirt.com/english/advisories/2006/0337
http://securitytracker.com/id?1015543
http://secunia.com/advisories/18613
http://www.osvdb.org/22723

* Platforms Affected:
CISCO IOS versions 12.0, 12.1, 12.2, 12.3, and 12.4
Recommendation Upgrade to a fixed Cisco IOS version, as listed in the "Software Versions and Fixes" section of the Cisco Security Advisory (Response to AAA Command Authorization by-pass) at http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml

Upgrades should be obtained through the Software Center on Cisco's web site at http://www.cisco.com
Related URL CVE-2006-0485,CVE-2006-0486 (CVE)
Related URL 16383 (SecurityFocus)
Related URL 24308 (ISS)