ID

VAR-199507-0003


TITLE

Cisco IOS tacacs Access List Keyword Vulnerability

Trust: 0.3

sources: BID: 703

DESCRIPTION

Cisco IOS is reported to contain a vulnerability that may allow packets to bypass packet filtering. The vulnerability is reported to exist from version 10.3(1) to 10.3(3.3). The flaw is in the configuration parsing code and is triggered when an IP extended access list in the configuration includes the 'tacacs-ds' keyword.

When versions 10.3(1) through 10.3(3.3) save their configuration and versions 10.3(3.4) through 10.3(4.2) of IOS then read that old configuration file, the line containing 'tacacs-ds' is parsed incorrectly and ignored. The newer version of IOS generates an error message when it reads the old configuration file. If a line containing the 'tacacs-ds' keyword is part of a packet filter, the whole rule is discarded. This leads to a false sense of security, because the administrator believes the access control list will block those packets. Attackers may then be able to bypass the access control list for the ignored configuration directive, which may allow further attacks against computers that the access control list is intended to protect.

Trust: 0.3

sources: BID: 703

AFFECTED PRODUCTS

vendor: cisco, model: ios, scope: eq, version: 10.3.4.2

Trust: 0.3

vendor: cisco, model: ios, scope: eq, version: 10.3.3.4

Trust: 0.3

vendor: cisco, model: ios, scope: ne, version: 10.3.4.3

Trust: 0.3

vendor: cisco, model: ios, scope: ne, version: 10.3.3.3

Trust: 0.3

sources: BID: 703

THREAT TYPE

network

Trust: 0.3

sources: BID: 703

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 703

EXTERNAL IDS

db: BID, id: 703

Trust: 0.3

sources: BID: 703

REFERENCES

url: http://www.cisco.com/warp/public/707/sec_incident_response.shtml

Trust: 0.3

sources: BID: 703

CREDITS

This vulnerability was reported by Cisco in an advisory on 31 July 1995.

Trust: 0.3

sources: BID: 703

SOURCES

db: BID, id: 703

LAST UPDATE DATE

2022-05-17T02:12:13.291000+00:00


SOURCES UPDATE DATE

db: BID, id: 703, date: 1995-07-31T00:00:00

SOURCES RELEASE DATE

db: BID, id: 703, date: 1995-07-31T00:00:00