Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545)
High Nessus Plugin ID 58874
SynopsisThe remote device may grant permissions incorrectly.
DescriptionAccording to its self-reported version number, the version of Junos
running on the remote host may grant permissions incorrectly when SSH
sessions are authenticated remotely using TACACS+ for authentication
and authorization. Fetched authorizations are stored in a file whose
name is based on process ID. On unclean exits of the SSH client, this
file is not deleted, and therefore reused for future login sessions
with the same process ID. This could result in authorizations being
applied to the wrong user.
SolutionApply the relevant Junos upgrade referenced in Juniper advisory