Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 7.5
CVE Id CVE-2005-4499
Last Modified 05 Sep 2008 04:57:02
Published 22 Dec 2005 06:03:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4499

Summary

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.

Vulnerable Systems

Operating System

  • Cisco Adaptive Security Appliance 7.0

  • Cisco Adaptive Security Appliance 7.0(4)

  • Cisco Adaptive Security Appliance 7.0.1.4

  • Cisco Adaptive Security Appliance 7.0.4.3

  • Cisco Pix Firewall

  • Cisco Pix Firewall 2.7

  • Cisco Pix Firewall 3.0

  • Cisco Pix Firewall 3.1

  • Cisco Pix Firewall 4.0

  • Cisco Pix Firewall 4.1(6)

  • Cisco Pix Firewall 4.1(6b)

  • Cisco Pix Firewall 4.2

  • Cisco Pix Firewall 4.2(1)

  • Cisco Pix Firewall 4.2(2)

  • Cisco Pix Firewall 4.2(5)

  • Cisco Pix Firewall 4.3

  • Cisco Pix Firewall 4.4

  • Cisco Pix Firewall 4.4(4)

  • Cisco Pix Firewall 4.4(7.202)

  • Cisco Pix Firewall 4.4(8)

  • Cisco Pix Firewall 5.0

  • Cisco Pix Firewall 5.1

  • Cisco Pix Firewall 5.1(4)

  • Cisco Pix Firewall 5.1(4.206)

  • Cisco Pix Firewall 5.2

  • Cisco Pix Firewall 5.2(1)

  • Cisco Pix Firewall 5.2(2)

  • Cisco Pix Firewall 5.2(3.210)

  • Cisco Pix Firewall 5.2(5)

  • Cisco Pix Firewall 5.2(6)

  • Cisco Pix Firewall 5.2(7)

  • Cisco Pix Firewall 5.2(9)

  • Cisco Pix Firewall 5.3

  • Cisco Pix Firewall 5.3(1)

  • Cisco Pix Firewall 5.3(1.200)

  • Cisco Pix Firewall 5.3(2)

  • Cisco Pix Firewall 5.3(3)

  • Cisco Pix Firewall 6.0

  • Cisco Pix Firewall 6.0(1)

  • Cisco Pix Firewall 6.0(2)

  • Cisco Pix Firewall 6.0(3)

  • Cisco Pix Firewall 6.0(4)

  • Cisco Pix Firewall 6.0(4.101)

  • Cisco Pix Firewall 6.1

  • Cisco Pix Firewall 6.1(1)

  • Cisco Pix Firewall 6.1(2)

  • Cisco Pix Firewall 6.1(3)

  • Cisco Pix Firewall 6.1(4)

  • Cisco Pix Firewall 6.1(5)

  • Cisco Pix Firewall 6.1.5(104)

  • Cisco Pix Firewall 6.2

  • Cisco Pix Firewall 6.2(1)

  • Cisco Pix Firewall 6.2(2)

  • Cisco Pix Firewall 6.2(3)

  • Cisco Pix Firewall 6.2(3.100)

  • Cisco Pix Firewall 6.3

  • Cisco Pix Firewall 6.3(1)

  • Cisco Pix Firewall 6.3(2)

  • Cisco Pix Firewall 6.3(3)

  • Cisco Pix Firewall 6.3(3.102)

  • Cisco Pix Firewall 6.3(3.109)

  • Cisco Pix Firewall 6.3(5)

  • Cisco Vpn 3000 Concentrator 2.0

  • Cisco Vpn 3000 Concentrator 2.5.2.a

  • Cisco Vpn 3000 Concentrator 2.5.2.b

  • Cisco Vpn 3000 Concentrator 2.5.2.c

  • Cisco Vpn 3000 Concentrator 2.5.2.d

  • Cisco Vpn 3000 Concentrator 2.5.2.f

  • Cisco Vpn 3000 Concentrator 3.0

  • Cisco Vpn 3000 Concentrator 3.0.3.a

  • Cisco Vpn 3000 Concentrator 3.0.3.b

  • Cisco Vpn 3000 Concentrator 3.0.4

  • Cisco Vpn 3000 Concentrator 3.1

  • Cisco Vpn 3000 Concentrator 3.1(rel)

  • Cisco Vpn 3000 Concentrator 3.1.1

  • Cisco Vpn 3000 Concentrator 3.1.2

  • Cisco Vpn 3000 Concentrator 3.1.4

  • Cisco Vpn 3000 Concentrator 3.5(rel)

  • Cisco Vpn 3000 Concentrator 3.5.1

  • Cisco Vpn 3000 Concentrator 3.5.2

  • Cisco Vpn 3000 Concentrator 3.5.3

  • Cisco Vpn 3000 Concentrator 3.5.4

  • Cisco Vpn 3000 Concentrator 3.5.5

  • Cisco Vpn 3000 Concentrator 3.6

  • Cisco Vpn 3000 Concentrator 3.6.1

  • Cisco Vpn 3000 Concentrator 3.6.7

  • Cisco Vpn 3000 Concentrator 3.6.7d

  • Cisco Vpn 3000 Concentrator 4.0

  • Cisco Vpn 3000 Concentrator 4.0.1

  • Cisco Vpn 3000 Concentrator 4.0.5.b

  • Cisco Vpn 3000 Concentrator 4.1.5.b

  • Cisco Vpn 3000 Concentrator 4.1.7.a

  • Cisco Vpn 3000 Concentrator 4.1.7.b

  • Cisco Vpn 3000 Concentrator 4.7.1

  • Cisco Vpn 3000 Concentrator 4.7.1.f

  • Cisco Vpn 3005 Concentrator 3.6.3

  • Cisco Vpn 3005 Concentrator 3.6.5

  • Cisco Vpn 3005 Concentrator 3.6.7

  • Cisco Vpn 3005 Concentrator 3.6.7.a

  • Cisco Vpn 3005 Concentrator 3.6.7.b

  • Cisco Vpn 3005 Concentrator 3.6.7.c

  • Cisco Vpn 3005 Concentrator 3.6.7.d

  • Cisco Vpn 3005 Concentrator 3.6.7.f

  • Cisco Vpn 3005 Concentrator 4.0

  • Cisco Vpn 3005 Concentrator 4.0.1

  • Cisco Vpn 3005 Concentrator 4.7.1

  • Cisco Vpn 3005 Concentrator 4.7.1.f

  • Cisco Vpn 3015 Concentrator 4.7.1

  • Cisco Vpn 3015 Concentrator 4.7.1.f

  • Cisco Vpn 3020 Concentrator 4.7.1

  • Cisco Vpn 3020 Concentrator 4.7.1.f

  • Cisco Vpn 3030 Concentrator 4.0.2

  • Cisco Vpn 3030 Concentrator 4.7.1

  • Cisco Vpn 3030 Concentrator 4.7.1.f

  • Cisco Vpn 3060 Concentrator 3.5.2

  • Cisco Vpn 3060 Concentrator 4.7.1

  • Cisco Vpn 3060 Concentrator 4.7.1.f

  • Cisco Vpn 3080 Concentrator 4.7.1

  • Cisco Vpn 3080 Concentrator 4.7.1.f

Application

  • Cisco Pix Asa Ids

  • Cisco Pix Firewall 6.2.2 .111

  • Cisco Pix Firewall 6.2.3 (110)

  • Cisco Pix Firewall 6.3.3 (133)

  • Cisco Secure Access Control Server

  • Cisco Secure Access Control Server 2.0

  • Cisco Secure Access Control Server 2.1

  • Cisco Secure Access Control Server 2.3

  • Cisco Secure Access Control Server 2.3.5.1

  • Cisco Secure Access Control Server 2.3.6.1

  • Cisco Secure Access Control Server 2.4

  • Cisco Secure Access Control Server 2.42

  • Cisco Secure Access Control Server 2.5

  • Cisco Secure Access Control Server 2.6

  • Cisco Secure Access Control Server 2.6.2

  • Cisco Secure Access Control Server 2.6.3

  • Cisco Secure Access Control Server 2.6.4

  • Cisco Secure Access Control Server 3.0

  • Cisco Secure Access Control Server 3.0.1

  • Cisco Secure Access Control Server 3.0.3

  • Cisco Secure Access Control Server 3.1

  • Cisco Secure Access Control Server 3.1.1

  • Cisco Secure Access Control Server 3.2

  • Cisco Secure Access Control Server 3.2(1)

  • Cisco Secure Access Control Server 3.2(1.20)

  • Cisco Secure Access Control Server 3.2(2)

  • Cisco Secure Access Control Server 3.2(3)

  • Cisco Secure Access Control Server 3.2.1

  • Cisco Secure Access Control Server 3.2.2

  • Cisco Secure Access Control Server 3.3

  • Cisco Secure Access Control Server 3.3(1)

  • Cisco Secure Access Control Server 3.3.1

  • Cisco Secure Access Control Server 3.3.2

  • Cisco Vpn 3002 Hardware Client


References

BID - 16025

BUGTRAQ - 20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability

BUGTRAQ - 20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability

OSVDB - 22193

MISC - http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml

SECUNIA - 18141


Last Updated: 27 May 2016 10:41:19