Juniper Junos SSH TACACS+ Incorrect Permissions (PSN-2012-04-545)

High Nessus Plugin ID 58874

Synopsis

The remote device may grant permissions incorrectly.

Description

According to its self-reported version number, the version of Junos
running on the remote host may grant permissions incorrectly when SSH
sessions are authenticated remotely using TACACS+ for authentication
and authorization. Fetched authorizations are stored in a file whose
name is based on the process ID. On unclean exits of the SSH client,
this file is not deleted and is therefore reused for future login
sessions with the same process ID. This could result in authorizations
being applied to the wrong user.
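
The stale-file reuse described above, modelled as an added example; this is not Junos or Nessus plugin code. The file name `authz.<pid>`, the function names, and the sample TACACS+ answers are hypothetical and constructed for illustration.

```python
import os
import tempfile

def _cache_path(cache_dir, pid):
    # Hypothetical naming scheme: one authorization file per process ID.
    return os.path.join(cache_dir, f"authz.{pid}")

def login_vulnerable(cache_dir, pid, user, fetch):
    """Flawed pattern: any file already present for this PID is trusted."""
    path = _cache_path(cache_dir, pid)
    if not os.path.exists(path):
        with open(path, "w") as f:
            f.write(fetch(user))
    with open(path) as f:
        return f.read()

def login_hardened(cache_dir, pid, user, fetch):
    """Discard leftovers, then create the file exclusively for this session."""
    path = _cache_path(cache_dir, pid)
    try:
        os.unlink(path)  # a file from an earlier session is never reused
    except FileNotFoundError:
        pass
    # O_EXCL fails if the file reappears between unlink and create.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(fetch(user))
    with open(path) as f:
        return f.read()

def demo(login):
    # Constructed sample of what the TACACS+ server would return per user.
    tacacs = {"admin": "super-user", "guest": "read-only"}
    with tempfile.TemporaryDirectory() as cache_dir:
        login(cache_dir, 4242, "admin", tacacs.__getitem__)
        # Unclean exit: no cleanup runs, and PID 4242 is later recycled
        # for a different user's session.
        return login(cache_dir, 4242, "guest", tacacs.__getitem__)

if __name__ == "__main__":
    print("vulnerable:", demo(login_vulnerable))
    print("hardened:  ", demo(login_hardened))
```
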

Solution

Apply the relevant Junos upgrade referenced in Juniper advisory
PSN-2012-04-545.

See Also

http://www.nessus.org/u?85546a08

Plugin Details

Severity: High

ID: 58874

File Name: juniper_psn-2012-04-545.nasl

Version: 1.6

Type: combined

Published: 2012/04/25

Modified: 2018/08/08

Dependencies: 55932

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.1

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:juniper:junos

Patch Publication Date: 2012/04/11

Vulnerability Publication Date: 2012/04/11