CVE-2006-0485

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2(14)S before 12.2(14)S16 Cisco IOS versions 12.2(18)S before 12.2(18)S11 Cisco IOS certain other releases before 25 January 2006

Description The issue concerns the TCL shell in Cisco IOS, which fails to perform Authentication, Authorization, and Accounting (AAA) command authorization checks. This may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration.

Recommendations For Cisco IOS versions 12.2(14)S before 12.2(14)S16, update to version 12.2(14)S16 or later. For Cisco IOS versions 12.2(18)S before 12.2(18)S11, update to version 12.2(18)S11 or later. For Cisco IOS certain other releases before 25 January 2006, update to a release dated 25 January 2006 or later.