CVSS v2 base/temporal vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:F/RL:OF/RC:C
-
Cisco Secure Access Control Server (ACS) contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The CVSS vector above scores authentication as Au:S, and the shared-secret guidance in the workarounds reflects the same requirement: the attacker must be able to submit RADIUS traffic that the server accepts.
The vulnerability exists because of an error in the handling of Remote Authentication Dial In User Service (RADIUS) Extensible Authentication Protocol (EAP) responses. An authenticated, remote attacker could exploit it by submitting a malicious RADIUS EAP response to the target system. Doing so could crash both the authentication and authorization service and the service used to communicate with the device requesting authentication, creating a DoS condition.
Cisco has confirmed this vulnerability and released updated software.
A successful attack could disrupt authentication services on the target system. By repeatedly sending malicious RADIUS EAP responses, the attacker could cause a persistent DoS condition. This situation could prevent devices that rely on authorization by an AAA server from connecting to the network.
-
Cisco has released a security response to address Cisco bug ID CSCsq10103 at the following link: cisco-sr-20080903-csacs
Vulnerable Products
The following software is affected:
Cisco Secure ACS versions 3.3.4 and prior
Cisco Secure ACS versions 4.0.1 and prior
Cisco Secure ACS versions 4.1(4) and prior
Cisco Secure ACS versions 4.2(0) and prior
Products Confirmed Not Vulnerable
No other Cisco products are currently known to be affected by this vulnerability.
-
Administrators are advised to apply the appropriate update.
Administrators are advised to restrict network access to the RADIUS ports of affected systems to trusted hosts (the AAA clients that legitimately need to reach the server) wherever possible.
Administrators are advised to limit knowledge of the RADIUS shared secret to trusted systems: only the AAA clients that must authenticate against the server should hold it.
Administrators may consider changing shared secret information in order to delay or prevent attacks.
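A RADIUS EAP response is carried in the EAP-Message attribute of an Access-Request, and RFC 3579 requires any such packet to carry a Message-Authenticator, an HMAC-MD5 keyed with the RADIUS shared secret. The Python below is an added example written for this page, not code from Cisco or from ACS: it builds an Access-Request carrying an EAP Response/Identity and then checks received packets the way a RADIUS server that enforces RFC 3579 would, rejecting an EAP-Message without a Message-Authenticator, a Message-Authenticator computed under the wrong secret, and an EAP payload whose Length field disagrees with the reassembled fragments. The shared secret, NAS address, user name and all packet bytes are constructed for the example, and nothing here reproduces the ACS crash (the advisory does not describe the malformed input). Its point is why the workarounds concern the shared secret: a sender without it cannot produce a packet that passes the integrity check, so exposure is bounded by the set of systems that hold the secret.

```python
import hashlib
import hmac
import struct

# RADIUS code and attribute types (RFC 2865, RFC 2869, RFC 3579).
RADIUS_ACCESS_REQUEST = 1
ATTR_USER_NAME = 1
ATTR_NAS_IP_ADDRESS = 4
ATTR_EAP_MESSAGE = 79
ATTR_MESSAGE_AUTHENTICATOR = 80
EAP_CODE_RESPONSE = 2
EAP_TYPE_IDENTITY = 1

# Constructed values for the example; not taken from the advisory.
SHARED_SECRET = b"example-shared-secret"
REQUEST_AUTHENTICATOR = bytes(range(16))  # a real NAS uses random bytes


def eap_response_identity(eap_id, identity):
    """EAP Response/Identity: Code(1) Id(1) Length(2) Type(1) Type-Data."""
    body = bytes([EAP_TYPE_IDENTITY]) + identity
    return struct.pack("!BBH", EAP_CODE_RESPONSE, eap_id, 4 + len(body)) + body


def attr(attr_type, value):
    """Encode one RADIUS attribute: Type(1) Length(1, header included) Value."""
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return struct.pack("!BB", attr_type, 2 + len(value)) + value


def parse_attrs(data):
    """Decode the attribute list; raise ValueError on a bad length octet."""
    attrs = []
    while data:
        if len(data) < 2 or data[1] < 2 or data[1] > len(data):
            raise ValueError("malformed attribute length")
        attrs.append((data[0], data[2:data[1]]))
        data = data[data[1]:]
    return attrs


def build_access_request(secret, identifier, authenticator, attributes):
    """Build an Access-Request with a valid Message-Authenticator.

    The HMAC-MD5 is keyed with the shared secret and taken over the whole
    packet with the Message-Authenticator value zeroed (RFC 2869 sec. 5.14).
    """
    body = b"".join(attr(t, v) for t, v in attributes)
    body += attr(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))
    pkt = struct.pack("!BBH", RADIUS_ACCESS_REQUEST, identifier, 20 + len(body))
    pkt += authenticator + body
    return pkt[:-16] + hmac.new(secret, pkt, hashlib.md5).digest()


def verify_access_request(secret, pkt):
    """Return (accepted, reason) for a received Access-Request.

    A packet carrying EAP-Message must carry a correct Message-Authenticator
    (RFC 3579 sec. 3.3); without the shared secret the HMAC cannot be forged.
    """
    if len(pkt) < 20:
        return False, "truncated header"
    code, _ident, length = struct.unpack("!BBH", pkt[:4])
    if code != RADIUS_ACCESS_REQUEST or length != len(pkt):
        return False, "bad code or length"
    try:
        attrs = parse_attrs(pkt[20:])
    except ValueError as exc:
        return False, str(exc)
    eap_chunks = [v for t, v in attrs if t == ATTR_EAP_MESSAGE]
    macs = [v for t, v in attrs if t == ATTR_MESSAGE_AUTHENTICATOR]
    if eap_chunks and not macs:
        return False, "EAP-Message without Message-Authenticator"
    if macs:
        if len(macs) != 1 or len(macs[0]) != 16:
            return False, "bad Message-Authenticator"
        zeroed = pkt[:20] + b"".join(
            attr(t, bytes(16) if t == ATTR_MESSAGE_AUTHENTICATOR else v)
            for t, v in attrs)
        expected = hmac.new(secret, zeroed, hashlib.md5).digest()
        if not hmac.compare_digest(expected, macs[0]):
            return False, "Message-Authenticator mismatch"
    if eap_chunks:
        # EAP-Message fragments concatenate into one EAP packet whose
        # Length field must equal the reassembled size.
        eap = b"".join(eap_chunks)
        if len(eap) < 4 or struct.unpack("!H", eap[2:4])[0] != len(eap):
            return False, "EAP length does not match reassembled payload"
    return True, "accepted"


def demo():
    """A legitimate NAS, a forger without the secret, a mis-framed EAP payload,
    and a packet that omits the Message-Authenticator entirely."""
    attrs = [
        (ATTR_USER_NAME, b"alice"),
        (ATTR_NAS_IP_ADDRESS, bytes([192, 0, 2, 10])),
        (ATTR_EAP_MESSAGE, eap_response_identity(1, b"alice")),
    ]
    good = build_access_request(SHARED_SECRET, 7, REQUEST_AUTHENTICATOR, attrs)
    forged = build_access_request(b"guess", 7, REQUEST_AUTHENTICATOR, attrs)
    bad_eap = build_access_request(SHARED_SECRET, 8, REQUEST_AUTHENTICATOR,
                                   attrs[:2] + [(ATTR_EAP_MESSAGE, b"\x02\x01\x00\xff\x01")])
    body = b"".join(attr(t, v) for t, v in attrs)
    no_mac = struct.pack("!BBH", RADIUS_ACCESS_REQUEST, 7, 20 + len(body))
    no_mac += REQUEST_AUTHENTICATOR + body
    return {
        "good": verify_access_request(SHARED_SECRET, good),
        "forged": verify_access_request(SHARED_SECRET, forged),
        "bad_eap": verify_access_request(SHARED_SECRET, bad_eap),
        "no_mac": verify_access_request(SHARED_SECRET, no_mac),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:8s} -> {result}")
```

The integrity check only proves that the sender holds the shared secret; a NAS that holds it, or a host that has obtained it, can still deliver whatever EAP response the server mishandles. That is the reason the advisory's workarounds limit which systems hold the secret and suggest changing it, and the advisory does not state whether ACS itself enforces the Message-Authenticator requirement, so the check above is a property of the protocol, not a claim about the product.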
-
Cisco customers with active contracts can obtain updates through the Software Center at the following link: Cisco. Cisco customers without contracts can obtain upgrades by contacting the Cisco Technical Assistance Center at 1-800-553-2447 or 1-408-526-7209 or via e-mail at tac@cisco.com.
-
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
-
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
-
Version  Description      Section  Status  Date
1.0      Initial Release  NA       Final   2008-Sep-03
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.