Cisco Catalyst Enable Access Authentication Bypass (CSCea42030)

This script is (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote Catalyst is affected by a password bypass vulnerability.
Basically, an attacker who has a command line access may gain the
'enable' privileges without having to know the right password, which
would allow him to reconfigure this host remotely.

This vulnerability is documented with the CISCO bug ID CSCde42030.

Solution :

http://www.nessus.org/u?62e6a495

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: CISCO

Nessus Plugin ID: 11547 (CSCea42030.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0216