Cisco IOS Secure Shell Server TACACS+ Username Domain Name DoS

Network Security News – Sunday, April 17, 2005 Events

Cisco IOS Secure Shell Server TACACS+ Username Domain Name DoS

Cisco IOS Secure Shell Server contains a flaw that may allow a remote denial of service. The issue is triggered when the IOS device is configured to authenticate against a TACACS+ server and the account username contains a domain name occurs, and will result in loss of availability for the device.. Read more at osvdb.org/15302

Cisco IOS IKE XAUTH ISAKMP IPSec SA Establish Authentication Bypass

Cisco IOS contains a flaw that may allow a malicious user to establish an unauthorized IPSEC SA. The issue is triggered due to an error within the handling of ISAKMP profile attributes. It is possible that the flaw may allow a deadlock condition to arise due to attributes not being processed allowing an attacker to establish an unauthorized IPSEC SA resulting in a loss of integrity.. Read more at osvdb.org/15305

Monkey HTTP Zero Byte File Request DoS

Monkey HTTP contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user requests a zero byte file, and will result in loss of availability for the service.. Read more at osvdb.org/15512