SecurityTracker.com
Category:   Application (Security)  >   Cisco Secure Access Control Server
Vendors:   Cisco
Cisco Secure ACS May Disclose Administrator Passwords to Local or Remote Authenticated Users
SecurityTracker Alert ID:  1016042
SecurityTracker URL:  http://securitytracker.com/id?1016042
CVE Reference:   CVE-2006-0561
Updated:  Dec 5 2009
Original Entry Date:  May 9 2006
Impact:   Disclosure of authentication information
Vendor Confirmed:  Yes  
Version(s): 3.x
Description:   A vulnerability was reported in Cisco Secure Access Control Server (ACS). A local administrator can obtain the passwords of all ACS administrators.

A local administrative user, or a remote authenticated administrative user with access to the Windows registry, can read from the registry a cleartext copy of the master key used to encrypt ACS administrator passwords. With this key, the user can decrypt all ACS administrator passwords.

With administrative credentials, the user can then change the password for any locally defined user. As a result, the user may be able to gain access to network devices that are configured to use Cisco Secure ACS for authentication.

Cisco has assigned Cisco Bug ID CSCsb67457 to this vulnerability.

Cisco Secure ACS for Windows 4.0.1 and Cisco Secure ACS for UNIX are not affected.

Cisco Secure ACS version 3.x appliances are not affected because they do not permit local or remote Windows registry access.

Andreas Junestam and Symantec reported this vulnerability.

Impact:   A local administrator or remote authenticated administrator can obtain the passwords of all ACS administrators.
Solution:   No solution was available at the time of this entry.

A workaround is described in the Cisco advisory, available at:

http://www.cisco.com/warp/public/707/cisco-sr-20060508-acs.shtml

Vendor URL:  www.cisco.com/warp/public/707/cisco-sr-20060508-acs.shtml
Cause:   Access control error
Underlying OS:   Windows (Any)

Message History:   None.


 Source Message Contents

Date:  Mon, 8 May 2006 20:16:33 -0400
Subject:  Cisco Security Response to: Symantec SYMSA-2006-003 Cisco Secure ACS for Windows - Administrator Password Disclosure


http://www.cisco.com/warp/public/707/cisco-sr-20060508-acs.shtml
 
 


Copyright 2009, SecurityGlobal.net LLC