Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0485

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2006-0485
Last Modified 07 Mar 2011 09:30:09
Published 31 Jan 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0485

Summary

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.

Vulnerable Systems

Operating System

  • Cisco Ios 12.0t

  • Cisco Ios 12.0xh

  • Cisco Ios 12.0xk

  • Cisco Ios 12.0xl

  • Cisco Ios 12.0xn

  • Cisco Ios 12.0xr

  • Cisco Ios 12.1

  • Cisco Ios 12.1aa

  • Cisco Ios 12.1e

  • Cisco Ios 12.1ec

  • Cisco Ios 12.1ez

  • Cisco Ios 12.1ga

  • Cisco Ios 12.1gb

  • Cisco Ios 12.1t

  • Cisco Ios 12.1xa

  • Cisco Ios 12.1xe

  • Cisco Ios 12.1xh

  • Cisco Ios 12.1xi

  • Cisco Ios 12.1xj

  • Cisco Ios 12.1xl

  • Cisco Ios 12.1xm

  • Cisco Ios 12.1xp

  • Cisco Ios 12.1xq

  • Cisco Ios 12.1xs

  • Cisco Ios 12.1xt

  • Cisco Ios 12.1xu

  • Cisco Ios 12.1xv

  • Cisco Ios 12.1xw

  • Cisco Ios 12.1xy

  • Cisco Ios 12.1xz

  • Cisco Ios 12.1ya

  • Cisco Ios 12.1yb

  • Cisco Ios 12.1yd

  • Cisco Ios 12.1ye

  • Cisco Ios 12.1yf

  • Cisco Ios 12.1yh

  • Cisco Ios 12.1yi

  • Cisco Ios 12.2

  • Cisco Ios 12.2b

  • Cisco Ios 12.2bw

  • Cisco Ios 12.2by

  • Cisco Ios 12.2dd

  • Cisco Ios 12.2dx

  • Cisco Ios 12.2mx

  • Cisco Ios 12.2n

  • Cisco Ios 12.2s

  • Cisco Ios 12.2su

  • Cisco Ios 12.2sw

  • Cisco Ios 12.2sxb

  • Cisco Ios 12.2sxd

  • Cisco Ios 12.2sxe

  • Cisco Ios 12.2sz

  • Cisco Ios 12.2xa

  • Cisco Ios 12.2xb

  • Cisco Ios 12.2xc

  • Cisco Ios 12.2xd

  • Cisco Ios 12.2xg

  • Cisco Ios 12.2xh

  • Cisco Ios 12.2xj

  • Cisco Ios 12.2xk

  • Cisco Ios 12.2xl

  • Cisco Ios 12.2xm

  • Cisco Ios 12.2xq

  • Cisco Ios 12.2xs

  • Cisco Ios 12.2xt

  • Cisco Ios 12.2xu

  • Cisco Ios 12.2xv

  • Cisco Ios 12.2xw

  • Cisco Ios 12.2yb

  • Cisco Ios 12.2yc

  • Cisco Ios 12.2yd

  • Cisco Ios 12.2ye

  • Cisco Ios 12.2yh

  • Cisco Ios 12.2yk

  • Cisco Ios 12.2yl

  • Cisco Ios 12.2ym

  • Cisco Ios 12.2yn

  • Cisco Ios 12.2yt

  • Cisco Ios 12.2yu

  • Cisco Ios 12.2yw

  • Cisco Ios 12.2yx

  • Cisco Ios 12.2yy

  • Cisco Ios 12.2yz

  • Cisco Ios 12.2zb

  • Cisco Ios 12.2zc

  • Cisco Ios 12.2zd

  • Cisco Ios 12.2ze

  • Cisco Ios 12.2zf

  • Cisco Ios 12.2zh

  • Cisco Ios 12.2zj

  • Cisco Ios 12.2zl

  • Cisco Ios 12.2zn

  • Cisco Ios 12.2zp

  • Cisco Ios 12.3

  • Cisco Ios 12.3%2811%29yk2

  • Cisco Ios 12.3%2811%29yl

  • Cisco Ios 12.3b

  • Cisco Ios 12.3t

  • Cisco Ios 12.3xa

  • Cisco Ios 12.3xb

  • Cisco Ios 12.3xd

  • Cisco Ios 12.3xe

  • Cisco Ios 12.3xf

  • Cisco Ios 12.3xg

  • Cisco Ios 12.3xh

  • Cisco Ios 12.3xi

  • Cisco Ios 12.3xj

  • Cisco Ios 12.3xk

  • Cisco Ios 12.3xm

  • Cisco Ios 12.3xq

  • Cisco Ios 12.3xr

  • Cisco Ios 12.3xw

  • Cisco Ios 12.3xy

  • Cisco Ios 12.3ya

  • Cisco Ios 12.3yb

  • Cisco Ios 12.3yf

  • Cisco Ios 12.3yg

  • Cisco Ios 12.3yh

  • Cisco Ios 12.3yi

  • Cisco Ios 12.3yj

  • Cisco Ios 12.3yk

  • Cisco Ios 12.3ym

  • Cisco Ios 12.3yq

  • Cisco Ios 12.3ys

  • Cisco Ios 12.3yt

  • Cisco Ios 12.3yu

  • Cisco Ios 12.3yx

  • Cisco Ios 12.4

  • Cisco Ios 12.4mr

  • Cisco Ios 12.4t


References

VUPEN - ADV-2006-0337

BID - 16383

CISCO - 20060125 Response to AAA Command Authorization by-pass

XF - cisco-aaa-tcl-auth-bypass(24308)

OSVDB - 34892

SECTRACK - 1015543

SECUNIA - 18613


Last Updated: 27 May 2016 10:41:40