ID CVE-2006-0486
Summary Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.
References
Vulnerable Configurations
  • cpe:2.3:o:cisco:ios:12.2\(25\)s:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 11-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: LOCAL
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
oval via4
accepted 2009-12-14T04:00:04.606-05:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name Dragos Prisaca
    organization Gideon Technologies, Inc.
description Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.
family ios
id oval:org.mitre.oval:def:4905
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco IOS AAA Command Authorization Bypass via TCL Shell Reuse Vulnerability
version 4
refmap via4
cisco 20060125 Response to AAA Command Authorization by-pass
osvdb 22723
sectrack 1015543
secunia 18613
xf cisco-aaa-tcl-auth-bypass(24308)
Last major update 11-10-2017 - 01:30
Published 01-02-2006 - 02:02
Last modified 11-10-2017 - 01:30