Cisco Multiple Products TACACS+ Authentication Bypass Vulnerability

Cisco Anomaly Detection and Mitigation appliances and service modules are prone to an authentication-bypass vulnerability. This issue can allow attackers to gain unauthorized access to devices or gain elevated privileges.

This vulnerability presents itself when the devices have been configured to authenticate users against an external TACACS+ server, but an external TACACS+ server isn't specified in the configuration using the 'tacacs-server host' command.

Note that a device is vulnerable only if the 'tacacs-server host' command isn't present in the configuration.

Depending on the privileges gained, the attacker may obtain sensitive information about a network by sniffing traffic and inspecting configuration policies. Denial-of-service attacks are also possible.
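A configuration audit for the condition described above, as an added example that is not part of the original advisory: it flags a saved device configuration that refers to TACACS+ but contains no 'tacacs-server host' entry. The `aaa ... tacacs+` line pattern, the function name `audit_config` and the sample configurations are assumptions constructed for illustration; only 'tacacs-server host' is named by the advisory.

```python
import re

# Assumption: TACACS+ use shows up as an "aaa ..." line naming the "tacacs+"
# method. The advisory itself names only the 'tacacs-server host' command.
AAA_TACACS = re.compile(r"^aaa\s+\S.*\btacacs\+", re.IGNORECASE)
# A host entry counts only if it carries an address and is not negated ("no ...").
TACACS_HOST = re.compile(r"^tacacs-server\s+host\s+\S+", re.IGNORECASE)


def audit_config(text):
    """Return (exposed, aaa_lines, host_lines) for one device configuration."""
    aaa_lines, host_lines = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):  # skip blanks and comment lines
            continue
        if AAA_TACACS.match(line):
            aaa_lines.append(line)
        elif TACACS_HOST.match(line):
            host_lines.append(line)
    # Exposed: TACACS+ is referenced, yet no server is defined to answer for it.
    exposed = bool(aaa_lines) and not host_lines
    return exposed, aaa_lines, host_lines


# Constructed sample configurations (not taken from a real device).
EXPOSED = """\
hostname guard-a
aaa authentication login tacacs+ local
aaa authorization exec tacacs+
! tacacs-server host 192.0.2.10
tacacs-server timeout 5
"""
CONFIGURED = EXPOSED + "tacacs-server host 192.0.2.10\n"
LOCAL_ONLY = "hostname guard-b\naaa authentication login local\n"

if __name__ == "__main__":
    samples = {"exposed": EXPOSED, "configured": CONFIGURED, "local": LOCAL_ONLY}
    for name, cfg in samples.items():
        exposed, aaa, hosts = audit_config(cfg)
        verdict = "REVIEW: TACACS+ referenced, no server host" if exposed else "ok"
        print(f"{name}: {verdict} (aaa lines={len(aaa)}, hosts={len(hosts)})")
```
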







 

Copyright 2009, SecurityFocus