
Cisco fixes TACACS+ authentication vulnerabilities

Cisco Systems announced the availability of free software to fix TACACS+ authentication vulnerabilities, which could allow a malicious user to bypass security in affected systems.

Cisco Systems today announced the availability of free software to fix vulnerabilities in several security software products that run on the company's appliances, routers and switches. The vulnerabilities could allow a malicious user to bypass security and gain unauthorized access to the devices or escalate their privileges in order to sniff traffic, launch denial-of-service attacks or perform network reconnaissance.

The vulnerabilities affect versions 5.0(1) and 5.0(3) of the software for the Cisco Guard and Cisco Traffic Anomaly Detector appliances, as well as the Anomaly Guard Module and Traffic Anomaly Detector Module for the Cisco Catalyst 6500 switches and Cisco 7600 routers. The vulnerability only exists where the devices are incorrectly configured to use TACACS+ authentication.

The Cisco Guard and Cisco Traffic Anomaly Detector appliances, and the Anomaly Guard Module and Traffic Anomaly Detector Module for the Cisco Catalyst 6500 switches and Cisco 7600 routers detect potential distributed denial-of-service attacks and divert the attack traffic without affecting legitimate network traffic. TACACS+ (Terminal Access Controller Access Control System) is a protocol used to authenticate users attempting to gain access to network devices. TACACS+ authentication is disabled by default. A correct TACACS+ configuration uses the "tacacs-server host" command to specify the external TACACS+ server. If TACACS+ authentication is specified but this command is missing, the user can bypass authentication.

If TACACS+ authentication is not specified, or it is specified and the necessary "tacacs-server host" command is present, the system is not vulnerable. Also, versions of the Cisco Guard and Cisco Traffic Anomaly Detector software before 5.0, or at 5.1 or above, are not vulnerable.

Users can mitigate this vulnerability by using the necessary "tacacs-server host" command. This vulnerability is fixed in the 5.1 series of the Cisco Guard and Cisco Traffic Anomaly Detector software, which begins with version 5.1(4). Users of the vulnerable software can obtain fixes from Cisco.
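The configuration check described above can be automated across saved device configurations. The following Python sketch is an added example, not Cisco's or the article's code; it assumes TACACS+ authentication is enabled by an "aaa authentication" line that names tacacs+ (the article does not give that syntax), and the sample configurations and the 192.0.2.10 address are constructed.

```python
import re

# Releases the article names as affected.
AFFECTED_VERSIONS = {"5.0(1)", "5.0(3)"}

# Assumption: TACACS+ authentication is switched on by an "aaa authentication"
# line that names tacacs+; the article does not give the exact syntax.
AUTH_RE = re.compile(r"^\s*aaa\s+authentication\b.*\btacacs\+", re.I)
# From the article: this command specifies the external TACACS+ server.
# Anchoring at line start means a negated "no tacacs-server host" is not counted.
HOST_RE = re.compile(r"^\s*tacacs-server\s+host\s+\S+", re.I)

# Constructed sample configurations, not taken from a real device.
SAMPLE_BAD = """\
! constructed sample
aaa authentication login tacacs+ local
"""
SAMPLE_GOOD = SAMPLE_BAD + "tacacs-server host 192.0.2.10\n"


def audit(version, config_text):
    """Return (status, reason) for one device's software version and config."""
    # Ignore blank lines and "!" comment lines.
    lines = [ln for ln in config_text.splitlines()
             if ln.strip() and not ln.lstrip().startswith("!")]
    uses_tacacs = any(AUTH_RE.search(ln) for ln in lines)
    has_host = any(HOST_RE.search(ln) for ln in lines)
    if not uses_tacacs:
        return ("ok", "TACACS+ authentication not specified")
    if has_host:
        return ("ok", "tacacs-server host present")
    if version in AFFECTED_VERSIONS:
        return ("vulnerable", "TACACS+ specified without tacacs-server host")
    # Release not listed as affected, but the configuration is still incomplete.
    return ("misconfigured", "tacacs-server host missing on unaffected release")


if __name__ == "__main__":
    for ver, cfg in [("5.0(3)", SAMPLE_BAD), ("5.0(3)", SAMPLE_GOOD),
                     ("5.1(4)", SAMPLE_BAD)]:
        print(ver, *audit(ver, cfg))
```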

Edmund X. DeJesus (dejesus@compuserve.com) is a freelance writer in Norwood, Mass.
