Vulnerabilities > CVE-2002-0225 - Unspecified vulnerability in Cisco Tacacs+ F4.0.4Alpha
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |