Vulnerability Note VU#236045
Cisco IOS Firewall Authentication Proxy vulnerable to buffer overflow via specially crafted user authentication credentials
A buffer overflow vulnerability in Cisco IOS Firewall Authentication Proxy may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service.
Cisco IOS Firewall Authentication Proxy is a feature that allows network administrators to apply security policies on a per-user basis. The Firewall Authentication Proxy for FTP and Telnet Sessions feature for Cisco IOS provides proxy authentication for FTP and Telnet services.
Cisco IOS is vulnerable to a buffer overflow when processing user authentication credentials from an Authentication Proxy Telnet or FTP session. According to the Cisco Security Advisory, the following versions of Cisco IOS are affected:
A remote unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition on an affected system.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco Systems, Inc.||Affected||07 Sep 2005||07 Sep 2005|
CVSS Metrics (Learn More)
Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.
This document was written by Will Dormann, based on the Cisco Security Advisory.
- CVE IDs: Unknown
- Date Public: 07 Sep 2005
- Date First Published: 07 Sep 2005
- Date Last Updated: 08 Sep 2005
- Severity Metric: 21.87
- Document Revision: 12
If you have feedback, comments, or additional information about this vulnerability, please send us email.