How to Buy
This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Remote Authentication Dial In User Service (RADIUS) authentication on
a device that is running certain versions of Cisco Internetworking
Operating System (IOS) and configured with a fallback method to none
can be bypassed. Systems that are configured for other authentication
methods or that are not configured with a fallback method to none are
not affected. Only the systems that are running certain versions of
Cisco IOS are affected. Not all configurations using RADIUS and none
are vulnerable to this issue. Some configurations using RADIUS, none
and an additional method are not affected. Cisco has made free
software available to address this vulnerability. There are
workarounds available to mitigate the effects of the vulnerability.
The vulnerabilities are documented as the following Cisco Bug ID:
CSCee45312 -- Radius authentication bypass when configured with a none
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
Nessus Plugin ID: 48986 (cisco-sa-20050629-aaa.nasl)
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.