CVE-2005-1020 - Improper Authentication

Severity

71%

Complexity

86%

Confidentiality

115%

Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data.

CVSS 2.0 Base Score 7.1. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C).

Demo Examples

Improper Authentication

CWE-287

The following code intends to ensure that the user is already logged in. If not, the code performs authentication with the user-provided username and password. If successful, it sets the loggedin and user cookies to "remember" that the user has already logged in. Finally, the code performs administrator tasks if the logged-in user has the "Administrator" username, as recorded in the user cookie.


               
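use CGI;
my $q = CGI->new;
if ($q->cookie('loggedin') ne "true") {
    if (! AuthenticateUser($q->param('username'), $q->param('password'))) {
        ExitError("Error: you need to log in first");
    } else {  # remember the login in client-side cookies
        $q->cookie(-name => 'loggedin', -value => 'true');
        $q->cookie(-name => 'user', -value => $q->param('username'));
    }
}
if ($q->cookie('user') eq "Administrator") {
    DoAdministratorTasks();
}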

Unfortunately, this code can be bypassed. The attacker can set the cookies independently so that the code does not check the username and password. The attacker could do this with an HTTP request containing headers such as:


               
Cookie: user=Administrator
Cookie: loggedin=true

[body of request]

By setting the loggedin cookie to "true", the attacker bypasses the entire authentication check. By using the "Administrator" value in the user cookie, the attacker also gains privileges to administer the software.
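As an added example (not code from the original page, and in Python rather than the Perl shown above), the sketch below puts the flawed cookie check beside a server-side session check and evaluates both against the forged cookies. The `session` cookie name, the `USERS` and `SESSIONS` tables and the sample password are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets


def _hash(password, salt):
    """Derive a password hash with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed sample data: username -> (salt, password hash).
_SALT = secrets.token_bytes(16)
USERS = {"Administrator": (_SALT, _hash("constructed-sample-password", _SALT))}
SESSIONS = {}  # opaque session id -> username, held only on the server


def vulnerable_is_admin(cookies):
    """Flawed logic described above: client-supplied cookies decide everything."""
    if cookies.get("loggedin") != "true":
        return False  # the original falls back to a password check here
    return cookies.get("user") == "Administrator"


def login(username, password):
    """Verify credentials; on success return an unguessable session id."""
    record = USERS.get(username)
    if record is None:
        return None
    salt, expected = record
    if not hmac.compare_digest(_hash(password, salt), expected):
        return None
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = username  # identity is recorded server-side
    return sid


def hardened_is_admin(cookies):
    """Identity comes from the server-side session table, never from cookie values."""
    username = SESSIONS.get(cookies.get("session", ""))
    return username == "Administrator"


# Cookies as sent in the bypass request described above.
forged = {"loggedin": "true", "user": "Administrator"}
```

The forged cookies satisfy `vulnerable_is_admin` but not `hardened_is_admin`, because the only value the client controls in the hardened path is a random identifier that must already exist in `SESSIONS`.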

Overview

Type

Cisco IOS

First reported 19 years ago

2005-05-02 04:00:00

Last updated 7 years ago

2017-10-11 01:30:00

Affected Software

Cisco IOS 12.0

12.0

Cisco IOS 12.0 (23)S4

12.0\(23\)s4

Cisco IOS 12.0 (23)S5

12.0\(23\)s5

Cisco IOS 12.0 (24)S1

12.0\(24\)s1

Cisco IOS 12.0 (24)S4

12.0\(24\)s4

Cisco IOS 12.0 (24)S5

12.0\(24\)s5

Cisco IOS 12.0 (24.2)S

12.0\(24.2\)s

Cisco IOS 12.0 (26)S1

12.0\(26\)s1

Cisco IOS 12.0 (27)S

12.0\(27\)s

Cisco IOS 12.0 (27)SV

12.0\(27\)sv

Cisco IOS 12.0 (27)SV1

12.0\(27\)sv1

Cisco IOS 12.0DA

12.0da

Cisco IOS 12.0DB

12.0db

Cisco IOS 12.0DC

12.0dc

Cisco IOS 12.0S

12.0s

Cisco IOS 12.0SC

12.0sc

Cisco IOS 12.0SL

12.0sl

Cisco IOS 12.0SP

12.0sp

Cisco IOS 12.0ST

12.0st

Cisco IOS 12.0 SV

12.0sv

Cisco IOS 12.0SX

12.0sx

Cisco IOS 12.0SY

12.0sy

Cisco IOS 12.0SZ

12.0sz

Cisco IOS 12.0T

12.0t

Cisco IOS 12.0W5

12.0w5

Cisco IOS 12.0WC

12.0wc

Cisco IOS 12.0WT

12.0wt

Cisco IOS 12.0WX

12.0wx

Cisco IOS 12.0XA

12.0xa

Cisco IOS 12.0XB

12.0xb

Cisco IOS 12.0XC

12.0xc

Cisco IOS 12.0XD

12.0xd

Cisco IOS 12.0XE

12.0xe

Cisco IOS 12.0XF

12.0xf

Cisco IOS 12.0XG

12.0xg

Cisco IOS 12.0XH

12.0xh

Cisco IOS 12.0XI

12.0xi

Cisco IOS 12.0XJ

12.0xj

Cisco IOS 12.0XK

12.0xk

Cisco IOS 12.0XL

12.0xl

Cisco IOS 12.0XM

12.0xm

Cisco IOS 12.0XN

12.0xn

Cisco IOS 12.0XP

12.0xp

Cisco IOS 12.0XQ

12.0xq

Cisco IOS 12.0XR

12.0xr

Cisco IOS 12.0XS

12.0xs

Cisco IOS 12.0XT

12.0xt

Cisco IOS 12.0XU

12.0xu

Cisco IOS 12.0Xv

12.0xv

Cisco IOS 12.0 XW

12.0xw

Cisco IOS 12.1

12.1

Cisco IOS 12.1 (11)E

12.1\(11\)e

Cisco IOS 12.1 (11b)E

12.1\(11b\)e

Cisco IOS 12.1 (11b)E12

12.1\(11b\)e12

Cisco IOS 12.1 (11b)E14

12.1\(11b\)e14

Cisco IOS 12.1(13)E9

12.1\(13\)e9

Cisco IOS 12.1(19)E1

12.1\(19\)e1

Cisco IOS 12.1 (20)E

12.1\(20\)e

Cisco IOS 12.1 (20)E1

12.1\(20\)e1

Cisco IOS 12.1 (20)E2

12.1\(20\)e2

Cisco IOS 12.1 (20)EA1

12.1\(20\)ea1

Cisco IOS 12.1 (20)EC

12.1\(20\)ec

Cisco IOS 12.1 (20)EC1

12.1\(20\)ec1

Cisco IOS 12.1(20)EO

12.1\(20\)eo

Cisco IOS 12.1 (20)EW

12.1\(20\)ew

Cisco IOS 12.1 (20)EW1

12.1\(20\)ew1

Cisco IOS 12.1AA

12.1aa

Cisco IOS 12.1AX

12.1ax

Cisco IOS 12.1AY

12.1ay

Cisco IOS 12.1AZ

12.1az

Cisco IOS 12.1CX

12.1cx

Cisco IOS 12.1DA

12.1da

Cisco IOS 12.1DB

12.1db

Cisco IOS 12.1DC

12.1dc

Cisco IOS 12.1E

12.1e

Cisco IOS 12.1EA

12.1ea

Cisco IOS 12.1EB

12.1eb

Cisco IOS 12.1EC

12.1ec

Cisco IOS 12.1EO

12.1eo

Cisco IOS 12.1EU

12.1eu

Cisco IOS 12.1EV

12.1ev

Cisco IOS 12.1EW

12.1ew

Cisco IOS 12.1EX

12.1ex

Cisco IOS 12.1EY

12.1ey

Cisco IOS 12.1 M

12.1m

Cisco IOS 12.1T

12.1t

Cisco IOS 12.1XA

12.1xa

Cisco IOS 12.1XB

12.1xb

Cisco IOS 12.1XC

12.1xc

Cisco IOS 12.1XD

12.1xd

Cisco IOS 12.1XE

12.1xe

Cisco IOS 12.1XF

12.1xf

Cisco IOS 12.1XG

12.1xg

Cisco IOS 12.1XH

12.1xh

Cisco IOS 12.1XI

12.1xi

Cisco IOS 12.1XJ

12.1xj

Cisco IOS 12.1XK

12.1xk

Cisco IOS 12.1XL

12.1xl

Cisco IOS 12.1XM

12.1xm

Cisco IOS 12.1XP

12.1xp

Cisco IOS 12.1XQ

12.1xq

Cisco IOS 12.1XR

12.1xr

Cisco IOS 12.1XS

12.1xs

Cisco IOS 12.1XT

12.1xt

Cisco IOS 12.1XU

12.1xu

Cisco IOS 12.1XV

12.1xv

Cisco IOS 12.1XW

12.1xw

Cisco IOS 12.1XX

12.1xx

Cisco IOS 12.1XY

12.1xy

Cisco IOS 12.1XZ

12.1xz

Cisco IOS 12.1YA

12.1ya

Cisco IOS 12.1YB

12.1yb

Cisco IOS 12.1YC

12.1yc

Cisco IOS 12.1YD

12.1yd

Cisco IOS 12.1YE

12.1ye

Cisco IOS 12.1YF

12.1yf

Cisco IOS 12.1YH

12.1yh

Cisco IOS 12.1YI

12.1yi

Cisco IOS 12.1YJ

12.1yj

Cisco IOS 12.2

12.2

Cisco IOS 12.2 (1)XA

12.2\(1\)xa

Cisco IOS 12.2 (1)XD

12.2\(1\)xd

Cisco IOS 12.2 (1)XD1

12.2\(1\)xd1

Cisco IOS 12.2 (1)XD3

12.2\(1\)xd3

Cisco IOS 12.2 (1)XD4

12.2\(1\)xd4

Cisco IOS 12.2 (1)XE

12.2\(1\)xe

Cisco IOS 12.2 (1)XE2

12.2\(1\)xe2

Cisco IOS 12.2 (1)XE3

12.2\(1\)xe3

Cisco IOS 12.2 (1)XH

12.2\(1\)xh

Cisco IOS 12.2 (1)XQ

12.2\(1\)xq

Cisco IOS 12.2 (1)XS

12.2\(1\)xs

Cisco IOS 12.2 (1)XS1

12.2\(1\)xs1

Cisco IOS 12.2 (2)T4

12.2\(2\)t4

Cisco IOS 12.2 (2)XA

12.2\(2\)xa

Cisco IOS 12.2 (2)XA1

12.2\(2\)xa1

Cisco IOS 12.2 (2)XA5

12.2\(2\)xa5

Cisco IOS 12.2 (2)XB

12.2\(2\)xb

Cisco IOS 12.2 (2)XB3

12.2\(2\)xb3

Cisco IOS 12.2 (2)XB4

12.2\(2\)xb4

Cisco IOS 12.2 (2)XF

12.2\(2\)xf

Cisco IOS 12.2 (2)XG

12.2\(2\)xg

Cisco IOS 12.2 (2)XH

12.2\(2\)xh

Cisco IOS 12.2 (2)XH2

12.2\(2\)xh2

Cisco IOS 12.2 (2)XH3

12.2\(2\)xh3

Cisco IOS 12.2 (2)XI

12.2\(2\)xi

Cisco IOS 12.2 (2)XI1

12.2\(2\)xi1

Cisco IOS 12.2 (2)XI2

12.2\(2\)xi2

Cisco IOS 12.2 (2)XJ

12.2\(2\)xj

Cisco IOS 12.2 (2)XJ1

12.2\(2\)xj1

Cisco IOS 12.2 (2)XK

12.2\(2\)xk

Cisco IOS 12.2 (2)XK2

12.2\(2\)xk2

Cisco IOS 12.2 (2)XN

12.2\(2\)xn

Cisco IOS 12.2 (2)XT

12.2\(2\)xt

Cisco IOS 12.2 (2)XT3

12.2\(2\)xt3

Cisco IOS 12.2 (2)XU

12.2\(2\)xu

Cisco IOS 12.2 (2)XU2

12.2\(2\)xu2

Cisco IOS 12.2 (4)JA

12.2\(4\)ja

Cisco IOS 12.2 (4)JA1

12.2\(4\)ja1

Cisco IOS 12.2 (8)JA

12.2\(8\)ja

Cisco IOS 12.2 (11)JA

12.2\(11\)ja

Cisco IOS 12.2 (11)JA1

12.2\(11\)ja1

Cisco IOS 12.2 (11)T

12.2\(11\)t

Cisco IOS 12.2 (12g)

12.2\(12g\)

Cisco IOS 12.2 (12h)

12.2\(12h\)

Cisco IOS 12.2 (14)SY

12.2\(14\)sy

Cisco IOS 12.2 (14)SY1

12.2\(14\)sy1

Cisco IOS 12.2 (14)SZ

12.2\(14\)sz

Cisco IOS 12.2 (14)ZA

12.2\(14\)za

Cisco IOS 12.2 (14)ZA2

12.2\(14\)za2

Cisco IOS 12.2 (14.5)

12.2\(14.5\)

Cisco IOS 12.2 (14.5)T

12.2\(14.5\)t

Cisco IOS 12.2 (15)ZN

12.2\(15\)zn

Cisco IOS 12.2 (15.1)S

12.2\(15.1\)s

Cisco IOS 12.2 (16)B

12.2\(16\)b

Cisco IOS 12.2 (16.1)B

12.2\(16.1\)b

Cisco IOS 12.2 (17a)SXA

12.2\(17a\)sxa

Cisco IOS 12.2 (18)EW

12.2\(18\)ew

Cisco IOS 12.2 (18)EWA

12.2\(18\)ewa

Cisco IOS 12.2 (18)S

12.2\(18\)s

Cisco IOS 12.2 (18)SE

12.2\(18\)se

Cisco IOS 12.2 (18)SV

12.2\(18\)sv

Cisco IOS 12.2 (18)SW

12.2\(18\)sw

Cisco IOS 12.2 (20)EW

12.2\(20\)ew

Cisco IOS 12.2 (20)S

12.2\(20\)s

Cisco IOS 12.2 (20)S1

12.2\(20\)s1

Cisco IOS 12.2 (21)

12.2\(21\)

Cisco IOS 12.2 (21a)

12.2\(21a\)

Cisco IOS 12.2 (23)

12.2\(23\)

Cisco IOS 12.2B

12.2b

Cisco IOS 12.2BC

12.2bc

Cisco IOS 12.2BW

12.2bw

Cisco IOS 12.2BX

12.2bx

Cisco IOS 12.2BY

12.2by

Cisco IOS 12.2BZ

12.2bz

Cisco IOS 12.2CX

12.2cx

Cisco IOS 12.2CY

12.2cy

Cisco IOS 12.2CZ

12.2cz

Cisco IOS 12.2DA

12.2da

Cisco IOS 12.2DD

12.2dd

Cisco IOS 12.2DX

12.2dx

Cisco IOS 12.2EW

12.2ew

Cisco IOS 12.2EWA

12.2ewa

Cisco IOS 12.2JA

12.2ja

Cisco IOS 12.2JK

12.2jk

Cisco IOS 12.2MB

12.2mb

Cisco IOS 12.2MC

12.2mc

Cisco IOS 12.2MX

12.2mx

Cisco IOS 12.2S

12.2s

Cisco IOS 12.2SE

12.2se

Cisco IOS 12.2SU

12.2su

Cisco IOS 12.2SV

12.2sv

Cisco IOS 12.2SW

12.2sw

Cisco IOS 12.2SX

12.2sx

Cisco IOS 12.2SXA

12.2sxa

Cisco IOS 12.2SXB

12.2sxb

Cisco IOS 12.2SXD

12.2sxd

Cisco IOS 12.2SY

12.2sy

Cisco IOS 12.2SZ

12.2sz

Cisco IOS 12.2T

12.2t

Cisco IOS 12.2X

12.2x

Cisco IOS 12.2XA

12.2xa

Cisco IOS 12.2XB

12.2xb

Cisco IOS 12.2XC

12.2xc

Cisco IOS 12.2XD

12.2xd

Cisco IOS 12.2XE

12.2xe

Cisco IOS 12.2XF

12.2xf

Cisco IOS 12.2XG

12.2xg

Cisco IOS 12.2XH

12.2xh

Cisco IOS 12.2XI

12.2xi

Cisco IOS 12.2XJ

12.2xj

Cisco IOS 12.2XK

12.2xk

Cisco IOS 12.2XL

12.2xl

Cisco IOS 12.2XM

12.2xm

Cisco IOS 12.2XN

12.2xn

Cisco IOS 12.2XQ

12.2xq

Cisco IOS 12.2XR

12.2xr

Cisco IOS 12.2XS

12.2xs

Cisco IOS 12.2XT

12.2xt

Cisco IOS 12.2XU

12.2xu

Cisco IOS 12.2XW

12.2xw

Cisco IOS 12.2XZ

12.2xz

Cisco IOS 12.2YA

12.2ya

Cisco IOS 12.2YB

12.2yb

Cisco IOS 12.2YC

12.2yc

Cisco IOS 12.2YD

12.2yd

Cisco IOS 12.2YE

12.2ye

Cisco IOS 12.2YF

12.2yf

Cisco IOS 12.2YG

12.2yg

Cisco IOS 12.2YH

12.2yh

Cisco IOS 12.2YJ

12.2yj

Cisco IOS 12.2YK

12.2yk

Cisco IOS 12.2YL

12.2yl

Cisco IOS 12.2YM

12.2ym

Cisco IOS 12.2YN

12.2yn

Cisco IOS 12.2YO

12.2yo

Cisco IOS 12.2YP

12.2yp

Cisco IOS 12.2YQ

12.2yq

Cisco IOS 12.2YR

12.2yr

Cisco IOS 12.2YS

12.2ys

Cisco IOS 12.2YT

12.2yt

Cisco IOS 12.2YU

12.2yu

Cisco IOS 12.2YV

12.2yv

Cisco IOS 12.2YW

12.2yw

Cisco IOS 12.2YX

12.2yx

Cisco IOS 12.2YY

12.2yy

Cisco IOS 12.2YZ

12.2yz

Cisco IOS 12.2ZA

12.2za

Cisco IOS 12.2ZB

12.2zb

Cisco IOS 12.2ZC

12.2zc

Cisco IOS 12.2ZD

12.2zd

Cisco IOS 12.2ZE

12.2ze

Cisco IOS 12.2ZF

12.2zf

Cisco IOS 12.2ZG

12.2zg

Cisco IOS 12.2ZH

12.2zh

Cisco IOS 12.2ZI

12.2zi

Cisco IOS 12.2ZJ

12.2zj

Cisco IOS 12.2ZK

12.2zk

Cisco IOS 12.2ZL

12.2zl

Cisco IOS 12.2ZM

12.2zm

Cisco IOS 12.2ZN

12.2zn

Cisco IOS 12.2ZO

12.2zo

Cisco IOS 12.2ZP

12.2zp

Cisco IOS 12.2 ZQ

12.2zq

Cisco IOS 12.3

12.3

Cisco IOS 12.3 (2)T3

12.3\(2\)t3

Cisco IOS 12.3 (2)XC1

12.3\(2\)xc1

Cisco IOS 12.3 (2)XC2

12.3\(2\)xc2

Cisco IOS 12.3 (4)T

12.3\(4\)t

Cisco IOS 12.3 (4)T1

12.3\(4\)t1

Cisco IOS 12.3 (4)T2

12.3\(4\)t2

Cisco IOS 12.3 (4)T3

12.3\(4\)t3

Cisco IOS 12.3 (4)XD

12.3\(4\)xd

Cisco IOS 12.3 (4)XD1

12.3\(4\)xd1

Cisco IOS 12.3(5)

12.3\(5\)

Cisco IOS 12.3 (5a)

12.3\(5a\)

Cisco IOS 12.3 (5a)b

12.3\(5a\)b

Cisco IOS 12.3 (5b)

12.3\(5b\)

Cisco IOS 12.3 (6)

12.3\(6\)

Cisco IOS 12.3B

12.3b

Cisco IOS 12.3BC

12.3bc

Cisco IOS 12.3BW

12.3bw

Cisco IOS 12.3J

12.3j

Cisco IOS 12.3JA

12.3ja

Cisco IOS 12.3T

12.3t

Cisco IOS 12.3XA

12.3xa

Cisco IOS 12.3XB

12.3xb

Cisco IOS 12.3XC

12.3xc

Cisco IOS 12.3XD

12.3xd

Cisco IOS 12.3XE

12.3xe

Cisco IOS 12.3XF

12.3xf

Cisco IOS 12.3XG

12.3xg

Cisco IOS 12.3XH

12.3xh

Cisco IOS 12.3XI

12.3xi

Cisco IOS 12.3XJ

12.3xj

Cisco IOS 12.3XK

12.3xk

Cisco IOS 12.3XL

12.3xl

Cisco IOS 12.3XM

12.3xm

Cisco IOS 12.3XN

12.3xn

Cisco IOS 12.3XQ

12.3xq

Cisco IOS 12.3XR

12.3xr

Cisco IOS 12.3XS

12.3xs

Cisco IOS 12.3XT

12.3xt

Cisco IOS 12.3XU

12.3xu

Cisco IOS 12.3XV

12.3xv

Cisco IOS 12.3XW

12.3xw

Cisco IOS 12.3XX

12.3xx

Cisco IOS 12.3XY

12.3xy

Cisco IOS 12.3XZ

12.3xz

Cisco IOS 12.3YA

12.3ya

Cisco IOS 12.3YC

12.3yc

Cisco IOS 12.3YD

12.3yd

Cisco IOS 12.3YE

12.3ye

Cisco IOS 12.3YF

12.3yf

Cisco IOS 12.3YG

12.3yg

Cisco IOS 12.3YH

12.3yh

Cisco IOS 12.3YJ

12.3yj

Cisco IOS 12.3YL

12.3yl
