Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545)

high Nessus Plugin ID 58874

Synopsis

The remote device may grant permissions incorrectly.

Description

According to its self-reported version number, the version of Junos running on the remote host may grant permissions incorrectly when SSH sessions use TACACS+ for remote authentication and authorization. Fetched authorizations are stored in a file whose name is based on the process ID. On unclean exits of the SSH client, this file is not deleted, and is therefore reused for future login sessions with the same process ID. This could result in authorizations being applied to the wrong user.
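The stale-file reuse described above can be modelled in a few lines. This is an added example, not Junos or Nessus code: the `authz.<pid>` file name, the function names and the user-to-class table are assumptions made for illustration, and the hardened variant shows one general mitigation, not the vendor's fix.

```python
import os
import tempfile

def cache_path(cache_dir, pid):
    # Hypothetical naming scheme: one authorization file per session PID.
    return os.path.join(cache_dir, f"authz.{pid}")

def login_flawed(cache_dir, pid, user, fetch):
    """Flawed pattern: an existing file for this PID is trusted as-is."""
    path = cache_path(cache_dir, pid)
    if not os.path.exists(path):
        with open(path, "w") as f:
            f.write(fetch(user))
    with open(path) as f:
        return f.read()

def login_hardened(cache_dir, pid, user, fetch):
    """Never inherit a leftover: delete it, then create the file exclusively."""
    path = cache_path(cache_dir, pid)
    try:
        os.unlink(path)  # leftover from a session that exited uncleanly
    except FileNotFoundError:
        pass
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(fetch(user))
    with open(path) as f:
        return f.read()

def stale_entries(cache_dir, live_pids):
    """Audit helper: cached files whose PID has no live session."""
    pids = (int(n.split(".", 1)[1]) for n in os.listdir(cache_dir)
            if n.startswith("authz."))
    return sorted(p for p in pids if p not in live_pids)

def demo(login):
    # Constructed sample data: user -> authorization class.
    tacacs = {"admin": "super-user", "guest": "read-only"}
    with tempfile.TemporaryDirectory() as d:
        login(d, 4242, "admin", tacacs.__getitem__)
        # The admin session exits uncleanly, so nothing removes its file.
        leftovers = stale_entries(d, live_pids=set())
        # A later session is assigned the same PID.
        return login(d, 4242, "guest", tacacs.__getitem__), leftovers

if __name__ == "__main__":
    print(demo(login_flawed))    # guest inherits the admin's authorizations
    print(demo(login_hardened))  # guest receives its own authorizations
```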

Solution

Apply the relevant Junos upgrade referenced in Juniper advisory PSN-2012-04-545.

See Also

http://www.nessus.org/u?85546a08

Plugin Details

Severity: High

ID: 58874

File Name: juniper_psn-2012-04-545.nasl

Version: 1.6

Type: combined

Published: 4/25/2012

Updated: 8/8/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/model, Host/Juniper/JUNOS/Version

Patch Publication Date: 4/11/2012

Vulnerability Publication Date: 4/11/2012