Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability

Summary

Cisco Network Admission Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software.

Credit:

The original article can be found at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b74114.shtml


Details

Vulnerable Systems:
 * Cisco NAC Guest Server all versions prior to software version 2.0.3

The Cisco NAC Guest Server system software contains a vulnerability in the configuration file of the RADIUS authentication software. This misconfiguration may allow an unauthenticated user to access the protected network. This vulnerability may result in authentication bypass without requiring a valid username or password.

Patch Availability:
Consult http://www.cisco.com/go/psirt and any to determine exposure and a complete upgrade solution.

Workaround:
It is possible to modify the RADIUS configuration file of the Cisco NAC Guest Access Server to eliminate the potential for authentication bypass. The following commands modify the RADIUS configuration file and restart the RADIUS daemon so that it reads the new configuration file.

The configuration file may be modified by running the following command from the command-line interface (CLI) of the device:
# cp /etc/raddb/radiusd.conf /etc/raddb/radiusd.conf.orig
# sed -i 's/php -f/php/g' /etc/raddb/radiusd.conf
# service radiusd restart
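
An idempotent form of the three commands above, as an added example that is not part of the Cisco advisory: it checks whether `php -f` is still present, keeps the first backup on re-runs, verifies the edit, and restarts radiusd only when the file actually changed. The function names and exit codes are illustrative assumptions; GNU sed is assumed, as in the original commands.

```shell
#!/bin/sh
# Added example, not Cisco's code. Function names and exit codes are illustrative.

# Return 0 if file $1 still contains the "php -f" invocation the workaround removes.
needs_workaround() {
    grep -q 'php -f' "$1"
}

# Apply the workaround to file $1.
# Exit status: 0 = file changed, 1 = already applied, 2 = error.
apply_workaround() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    if ! needs_workaround "$conf"; then
        echo "$conf: no 'php -f' found, workaround already in place"
        return 1
    fi
    # Keep the first backup: a re-run must not overwrite the pristine copy.
    [ -e "$conf.orig" ] || cp -p "$conf" "$conf.orig" || return 2
    # Same substitution as the advisory's sed command.
    sed -i 's/php -f/php/g' "$conf" || return 2
    # Verify the edit instead of trusting sed's exit status.
    if needs_workaround "$conf"; then
        echo "$conf: 'php -f' still present after edit" >&2
        return 2
    fi
    echo "$conf: workaround applied, backup at $conf.orig"
    return 0
}

# Runs only when a path is given, e.g.: sh nac-fix.sh /etc/raddb/radiusd.conf
# The daemon is restarted only if the file was changed (status 0).
if [ "$#" -gt 0 ]; then
    apply_workaround "$1" && service radiusd restart
fi
```

Running it a second time against the same file reports that the workaround is already in place and leaves both the configuration and the `.orig` backup untouched.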

CVE Information:
CVE-2011-0963

Disclosure Timeline:
Revision 1.0 2011-March-30 Initial public release.
