PT-2002-1311 · Novell+1 · Novell Directory Services+2

Publicado

2002-05-29

Atualizado

2008-09-05

CVE-2002-0241

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cisco Secure Authentication Control Server (ACS) version 3.0.1

Description The issue concerns the NDSAuth.DLL component, which fails to verify the Expired or Disabled state of users in the Novell Directory Services (NDS). This oversight could allow expired or disabled users to successfully authenticate to the server.

Recommendations For Cisco Secure Authentication Control Server (ACS) version 3.0.1, update the NDSAuth.DLL component to properly check the user state in NDS. As a temporary workaround, consider manually verifying the status of users in NDS to prevent unauthorized access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-0241

Produtos afetados

Cisco Secure Authentication Control Server

Ndsauth.Dll

Novell Directory Services

PT-2002-1311 · Novell+1 · Novell Directory Services+2

CVE-2002-0241

Identificadores relacionados

Produtos afetados

Referências · 4