TACACS+ Denial of Service Vulnerability
From Damir Rajnovic <email@example.com>:
We updated our unsupported version of TACACS+ server so it is no longer vulnerable to oversized T+ packets. You can download the new version, F4.0.4 alpha, if you follow this URL: ftp://ftp-eng.cisco.com/pub/tacacs
A patch was supplied by Solar Designer in his paper analyzing tacacs+ vulnerabilities.
Cisco tac_plus 4.0.3 alpha