A buffer overflow vulnerability in Cisco IOS Firewall Authentication Proxy may allow a remote unauthenticated attacker to execute arbitrary code or cause a denial of service.
Cisco IOS Firewall Authentication Proxy is a feature that allows network administrators to apply security policies on a per-user basis. The Firewall Authentication Proxy for FTP and Telnet Sessions feature for Cisco IOS provides proxy authentication for FTP and Telnet services.
Cisco IOS is vulnerable to a buffer overflow when processing user authentication credentials from an Authentication Proxy Telnet or FTP session. According to the Cisco Security Advisory, the following versions of Cisco IOS are affected:
A remote unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition on an affected system.
Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.
|Date First Published:||2005-09-07|
|Date Last Updated:||2005-09-09 02:50 UTC|