• info
• discussion
• exploit
• solution
• references

TACACS+ Denial of Service Vulnerability

Solution:
From Damir Rajnovic <gaus@cisco.com>:
We updated our unsupported version of TACACS+ server so it is no longer vulnerable to oversized T+ packets. You can download the new version, F4.0.4 alpha, if you follow this URL: ftp://ftp-eng.cisco.com/pub/tacacs

A patch was supplied by Solar Designer in his paper analyzing tacacs+ vulnerabilities.


Cisco tac_plus 4.0.3 alpha

• Openwall tac_plus.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/tac_plus.pat ch