CVE-2006-0485 - Unspecified vulnerability in Cisco IOS

CVSS 4.6 - MEDIUM
Attack vector: LOCAL
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
local
low complexity
cisco
nessus

Summary

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.

Vulnerable Configurations

Part | Description | Count
OS | Cisco | 130

Nessus

NASL family: CISCO
NASL id: CSCEH73049.NASL
description: The remote host is a CISCO router containing a version of IOS that is vulnerable to a remote AAA command authorization bypass attack. The remote version of IOS does not enforce AAA command authorization checks for commands entered in the TCL shell. An attacker with shell access on the remote router could gain elevated privileges on the remote device.
last seen: 2020-06-01
modified: 2020-06-02
plugin id: 20808
published: 2006-01-25
reporter: This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
source: https://www.tenable.com/plugins/nessus/20808
title: Cisco IOS TCLSH AAA Command Authorization Bypass (CSCeh73049)

Oval

accepted: 2009-12-14T04:00:06.094-05:00
class: vulnerability
contributors:
  • name: Yuzheng Zhou
    organization: Hewlett-Packard
  • name: Dragos Prisaca
    organization: Gideon Technologies, Inc.
description: The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
family: ios
id: oval:org.mitre.oval:def:5836
status: accepted
submitted: 2008-05-26T11:06:36.000-04:00
title: Cisco IOS AAA Command Authorization Bypass Vulnerability
version: 4