Cisco IOS local privilege escalation

Published: 2006-01-25
Last Updated: 2006-01-25 20:59:59 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
Cisco released earlier a vulnerability note detailing a problem within some Cisco IOS versions that bypasses the command authorization offered by AAA services such as TACACS+. The bypass uses tclsh.

Why a router would need tclsh is a mystery to this handler.

--
Swa Frantzen


Keywords:
0 comment(s)

Comments


Diary Archives