Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545)

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.


Synopsis :

The remote device may grant permissions incorrectly.

Description :

According to its self-reported version number, the version of Junos
running on the remote host may grant permissions incorrectly when SSH
sessions are authenticated remotely using TACACS+ for authentication
and authorization. Fetched authorizations are stored in a file whose
name is based on the process ID. When the SSH client exits uncleanly,
this file is not deleted and is therefore reused by future login
sessions that have the same process ID. This could result in
authorizations being applied to the wrong user.
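
The stale-file reuse described above, modeled next to a hardened form. This is an added illustration, not Junos or Tenable code; the file naming, the `fetch` callback, the sample users and the PID value are assumptions constructed for the example.

```python
import json
import os
import tempfile

# Constructed sample data standing in for the TACACS+ server's answers.
TACACS = {"admin": ["superuser"], "operator": ["view"]}

def cache_path(cache_dir, pid):
    # Assumed naming scheme: the file name depends only on the process ID.
    return os.path.join(cache_dir, f"authz.{pid}")

def login_flawed(cache_dir, pid, user, fetch):
    """Flawed pattern: any file already present for this PID is trusted."""
    path = cache_path(cache_dir, pid)
    if not os.path.exists(path):
        with open(path, "w") as f:
            json.dump(fetch(user), f)
    with open(path) as f:
        return json.load(f)

def login_hardened(cache_dir, pid, user, fetch):
    """Discard leftovers, create the file exclusively, bind it to the user."""
    path = cache_path(cache_dir, pid)
    try:
        os.unlink(path)  # stale file from an earlier process with this PID
    except FileNotFoundError:
        pass
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump({"user": user, "perms": fetch(user)}, f)
    with open(path) as f:
        record = json.load(f)
    if record["user"] != user:
        raise PermissionError("cached authorization belongs to another user")
    return record["perms"]

def demo(login):
    """admin logs in and exits uncleanly (no cleanup); the PID is later recycled."""
    with tempfile.TemporaryDirectory() as d:
        login(d, 4242, "admin", TACACS.__getitem__)
        return login(d, 4242, "operator", TACACS.__getitem__)

if __name__ == "__main__":
    print("flawed  :", demo(login_flawed))
    print("hardened:", demo(login_hardened))
```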

See also :

http://www.nessus.org/u?85546a08

Solution :

Apply the relevant Junos upgrade referenced in Juniper advisory
PSN-2012-04-545.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Junos Local Security Checks

Nessus Plugin ID: 58874

Bugtraq ID:

CVE ID:
