Cisco IOS access control list vulnerable via 'tacacs' keyword |
---|
Risk Level: | High | Check or Attack Name: CiscoACL |
---|---|---|
Platforms: | Cisco | |
Description: | The host may allow unauthorized packets to circumvent a filtering router. On devices running IOS v10.3(3.4) through 10.3(4.2), using the 'tacacs-ds' or 'tacacs' keyword in an extended IP access control list can cause that list to be misparsed, resulting in unauthorized network traffic. An attacker could take advantage of the network access to gain information or acquire further unauthorized access to machines. |
|
Remedy: | IOS v10.3 users should upgrade to 10.3(4.3), or the latest supported version for the device. As with any software upgrade, you should verify that your hardware can support the new software before upgrading. Patches: Registered CCO users can obtain software at http://www.cisco.com/public/sw-center/ and select the version of software to download. Non-registered users can obtain patches at http://www.cisco.com/public/library/spc_req.shtml. When prompted for a code, please enter certjuly31 for a list of available files to download. For assistance, contact Cisco's TAC at tac@cisco.com. |
|
References: | Cisco Systems Software & Support, Software Center, http://www.cisco.com/public/sw-center/; Cisco Systems Software & Support, Special Access Code for Software, http://www.cisco.com/public/library/spc_req.shtml; Cisco Systems Technical Tips, Cisco Security Advisory 7/31/95, http://www.cisco.com/warp/public/707/1.html |
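
An offline audit for the condition described above, added here as an example and not taken from Cisco or from the original check: it flags a device only when the IOS version falls in the stated range and an extended IP access list uses one of the two keywords. The version banner layout, the sample configuration and the handling of a missing interim number (counted as 0) are assumptions; extended IP lists are identified by the numbers 100-199.

```python
import re

# Affected range as stated in the advisory: 10.3(3.4) through 10.3(4.2).
FIRST_AFFECTED = (10, 3, 3, 4)
LAST_AFFECTED = (10, 3, 4, 2)
KEYWORDS = {"tacacs", "tacacs-ds"}
# Assumed banner layout: "... Version 10.3(4.1) ..."
VERSION_RE = re.compile(r"Version (\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)")

def parse_version(show_version_text):
    """Return (major, minor, maint, interim) or None; a missing interim counts as 0."""
    m = VERSION_RE.search(show_version_text)
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())

def risky_acl_lines(config_text):
    """Return extended IP ACL lines (numbers 100-199) that use either keyword."""
    hits = []
    for line in config_text.splitlines():
        tok = line.split()
        if len(tok) > 2 and tok[0] == "access-list" and tok[1].isdigit():
            if 100 <= int(tok[1]) <= 199 and KEYWORDS & set(tok[2:]):
                hits.append(line.strip())
    return hits

def audit(show_version_text, config_text):
    """Combine both conditions; 'exposed' is True only when both hold."""
    version = parse_version(show_version_text)
    in_range = version is not None and FIRST_AFFECTED <= version <= LAST_AFFECTED
    lines = risky_acl_lines(config_text)
    return {"version": version, "in_range": in_range, "acl_lines": lines,
            "exposed": in_range and bool(lines)}

# Constructed sample input, not captured from a real device.
SAMPLE_VERSION = "IOS (tm) GS Software (GS7-K), Version 10.3(4.1)"
SAMPLE_CONFIG = """\
access-list 101 permit tcp any host 192.0.2.10 eq tacacs
access-list 101 permit udp any host 192.0.2.10 eq tacacs-ds
access-list 101 deny ip any any
access-list 10 permit 192.0.2.0 0.0.0.255
"""

if __name__ == "__main__":
    print(audit(SAMPLE_VERSION, SAMPLE_CONFIG))
```

A device in the affected range with no matching ACL lines is reported as not exposed, but it still needs the upgrade given under Remedy before either keyword is added to a filter.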