CVE-2006-0485

Severity

46%

Complexity

39%

Confidentiality

106%

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.

CVSS 2.0 Base Score 4.6. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Cisco IOS

First reported 19 years ago

2006-02-01 02:02:00

Last updated 7 years ago

2017-10-11 01:30:00

Affected Software

Cisco IOS 12.0T

12.0t

Cisco IOS 12.0XH

12.0xh

Cisco IOS 12.0XK

12.0xk

Cisco IOS 12.0XL

12.0xl

Cisco IOS 12.0XN

12.0xn

Cisco IOS 12.0XR

12.0xr

Cisco IOS 12.1

12.1

Cisco IOS 12.1AA

12.1aa

Cisco IOS 12.1E

12.1e

Cisco IOS 12.1EC

12.1ec

Cisco IOS 12.1EZ

12.1ez

Cisco IOS 12.1GA

12.1ga

Cisco IOS 12.1GB

12.1gb

Cisco IOS 12.1T

12.1t

Cisco IOS 12.1XA

12.1xa

Cisco IOS 12.1XE

12.1xe

Cisco IOS 12.1XH

12.1xh

Cisco IOS 12.1XI

12.1xi

Cisco IOS 12.1XJ

12.1xj

Cisco IOS 12.1XL

12.1xl

Cisco IOS 12.1XM

12.1xm

Cisco IOS 12.1XP

12.1xp

Cisco IOS 12.1XQ

12.1xq

Cisco IOS 12.1XS

12.1xs

Cisco IOS 12.1XT

12.1xt

Cisco IOS 12.1XU

12.1xu

Cisco IOS 12.1XV

12.1xv

Cisco IOS 12.1XW

12.1xw

Cisco IOS 12.1XY

12.1xy

Cisco IOS 12.1XZ

12.1xz

Cisco IOS 12.1YA

12.1ya

Cisco IOS 12.1YB

12.1yb

Cisco IOS 12.1YD

12.1yd

Cisco IOS 12.1YE

12.1ye

Cisco IOS 12.1YF

12.1yf

Cisco IOS 12.1YH

12.1yh

Cisco IOS 12.1YI

12.1yi

Cisco IOS 12.2

12.2

Cisco IOS 12.2B

12.2b

Cisco IOS 12.2BW

12.2bw

Cisco IOS 12.2BY

12.2by

Cisco IOS 12.2DD

12.2dd

Cisco IOS 12.2DX

12.2dx

Cisco IOS 12.2MX

12.2mx

Cisco IOS 12.2N

12.2n

Cisco IOS 12.2S

12.2s

Cisco IOS 12.2SU

12.2su

Cisco IOS 12.2SW

12.2sw

Cisco IOS 12.2SXB

12.2sxb

Cisco IOS 12.2SXD

12.2sxd

Cisco IOS 12.2SXE

12.2sxe

Cisco IOS 12.2SZ

12.2sz

Cisco IOS 12.2XA

12.2xa

Cisco IOS 12.2XB

12.2xb

Cisco IOS 12.2XC

12.2xc

Cisco IOS 12.2XD

12.2xd

Cisco IOS 12.2XG

12.2xg

Cisco IOS 12.2XH

12.2xh

Cisco IOS 12.2XJ

12.2xj

Cisco IOS 12.2XK

12.2xk

Cisco IOS 12.2XL

12.2xl

Cisco IOS 12.2XM

12.2xm

Cisco IOS 12.2XQ

12.2xq

Cisco IOS 12.2XS

12.2xs

Cisco IOS 12.2XT

12.2xt

Cisco IOS 12.2XU

12.2xu

Cisco IOS 12.2XV

12.2xv

Cisco IOS 12.2XW

12.2xw

Cisco IOS 12.2YB

12.2yb

Cisco IOS 12.2YC

12.2yc

Cisco IOS 12.2YD

12.2yd

Cisco IOS 12.2YE

12.2ye

Cisco IOS 12.2YH

12.2yh

Cisco IOS 12.2YK

12.2yk

Cisco IOS 12.2YL

12.2yl

Cisco IOS 12.2YM

12.2ym

Cisco IOS 12.2YN

12.2yn

Cisco IOS 12.2YT

12.2yt

Cisco IOS 12.2YU

12.2yu

Cisco IOS 12.2YW

12.2yw

Cisco IOS 12.2YX

12.2yx

Cisco IOS 12.2YY

12.2yy

Cisco IOS 12.2YZ

12.2yz

Cisco IOS 12.2ZB

12.2zb

Cisco IOS 12.2ZC

12.2zc

Cisco IOS 12.2ZD

12.2zd

Cisco IOS 12.2ZE

12.2ze

Cisco IOS 12.2ZF

12.2zf

Cisco IOS 12.2ZH

12.2zh

Cisco IOS 12.2ZJ

12.2zj

Cisco IOS 12.2ZL

12.2zl

Cisco IOS 12.2ZN

12.2zn

Cisco IOS 12.2ZP

12.2zp

Cisco IOS 12.3

12.3

Cisco IOS 12.3(11)YK2

12.3\(11\)yk2

Cisco IOS 12.3(11)YL

12.3\(11\)yl

Cisco IOS 12.3B

12.3b

Cisco IOS 12.3T

12.3t

Cisco IOS 12.3XA

12.3xa

Cisco IOS 12.3XB

12.3xb

Cisco IOS 12.3XD

12.3xd

Cisco IOS 12.3XE

12.3xe

Cisco IOS 12.3XF

12.3xf

Cisco IOS 12.3XG

12.3xg

Cisco IOS 12.3XH

12.3xh

Cisco IOS 12.3XI

12.3xi

Cisco IOS 12.3XJ

12.3xj

Cisco IOS 12.3XK

12.3xk

Cisco IOS 12.3XM

12.3xm

Cisco IOS 12.3XQ

12.3xq

Cisco IOS 12.3XR

12.3xr

Cisco IOS 12.3XW

12.3xw

Cisco IOS 12.3XY

12.3xy

Cisco IOS 12.3YA

12.3ya

Cisco IOS 12.3YB

12.3yb

Cisco IOS 12.3YF

12.3yf

Cisco IOS 12.3YG

12.3yg

Cisco IOS 12.3YH

12.3yh

Cisco IOS 12.3YI

12.3yi

Cisco IOS 12.3YJ

12.3yj

Cisco IOS 12.3YK

12.3yk

Cisco IOS 12.3YM

12.3ym

Cisco IOS 12.3YQ

12.3yq

Cisco IOS 12.3YS

12.3ys

Cisco IOS 12.3YT

12.3yt

Cisco IOS 12.3YU

12.3yu

Cisco IOS 12.3YX

12.3yx

Cisco IOS 12.4

12.4

Cisco IOS 12.4MR

12.4mr

Cisco IOS 12.4T

12.4t

References

18613

1015543

20060125 Response to AAA Command Authorization by-pass

Vendor Advisory

34892

16383

ADV-2006-0337

cisco-aaa-tcl-auth-bypass(24308)

oval:org.mitre.oval:def:5836

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.