Cisco IOS AAA RADIUS Long Username Authentication Bypass (CSCee45312)

This script is Copyright (C) 2006-2014 Tenable Network Security, Inc.


Synopsis :

The remote Cisco IOS RADIUS server is prone to a remote authentication
bypass attack.

Description :

The remote host is a CISCO router containing a version of IOS that
contains a faulty RADIUS implementation which may lead to an
authentication bypass vulnerability.

An attacker may exploit this problem to gain unauthorized access
to the service.

Solution :

http://www.nessus.org/u?b981b4d9

Risk factor :

Medium / CVSS Base Score : 5.1
(CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 4.8
(CVSS2#E:H/RL:W/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 20933 (CSCee45312.nasl)

Bugtraq ID: 14092

CVE ID: CVE-2005-2105